Motivated by this need, we first introduce a strong adversary model for Physically Unclonable Functions (PUFs) based authentication protocol in which the adversary has access to volatile memory of the tag. We show that the security of Sadeghi \textit{et al.}'s PUF based authentication protocol is not secure in this model. We provide a new technique to improve the security of their protocol. Namely, in our scheme, even if an adversary has access to volatile memory she cannot obtain all long term keys to clone the tag. Next, we propose a novel RFID distance bounding protocol based on PUFs which satisfies the expected security requirements. Comparing to the previous protocols, the use of PUFs in our protocol enhances the system in terms of security and privacy. We also prove that our extended protocol with a final signature provides the ideal security against all those frauds, remarkably the terrorist fraud. Besides that, our protocols enjoy the attractive properties of PUFs, which provide a cost efficient and reliable method to fingerprint chips based on their physical properties.
Category / Keywords: RFID, Distance Bounding Protocol, PUF, Security, Terrorist fraud. Date: received 14 Feb 2011, last revised 4 Mar 2011, withdrawn 18 Jan 2012 Contact author: skardas at gmail com Available format(s): (-- withdrawn --) Version: 20120118:182658 (All versions of this report) Short URL: ia.cr/2011/075 Discussion forum: Show discussion | Start new discussion