Cryptology ePrint Archive: Report 2011/625

Two RFID Privacy Models in Front of a Court

Mohammad Hassan Habibi, Mohammad Reza Aref

Abstract: In ASIACRYPT 2007, Vaudenay proposed a comprehensive privacy model for unilateral RFID schemes. Soon after, in ASIACCS 2008, Paise and Vaudenay presented a new version of the cited model which includes mutual authentication protocols. Recently, Armknecht et al. published two papers in ACNS 2010 and Transactions on Computational Science that examines the Paise-Vaudenay model. They claim that the Paise-Vaudenay model has several inadequacies and prove some results that contradict the Paise-Vaudenay outcomes.

In this paper, we investigate the Armknecht et al.'s papers and show some subtle faults in their works. In particular, our contribution is twofold. First, we show the privacy definition and the adversary goal presented by Armknecht et al. are completely different from the Paise-Vaudenay ones. Therefore, their different results arise from the fundamental differences in their definition of the privacy and their results cannot be valid in the Paise-Vaudenay model. Furthermore, we examine Armknecht et al.'s results and show that by using their methodology, different outcomes are achieved in the same theorems. In fact we prove by using their approach to the privacy that the highest achievable privacy level is narrow-weak privacy, which contradicts most of the theorems proved by Armknecht et al.

Category / Keywords: foundations / RFID, privacy model, mutual authentication

Publication Info: In submisson

Date: received 19 Nov 2011, withdrawn 8 Aug 2013

Contact author: mohamad h habibi at gmail com

Available format(s): (-- withdrawn --)

Note: No.

Version: 20130809:001438 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]