Paper 2006/448

Universally Composable and Forward Secure RFID Authentication and Key Exchange

Tri van Le, Mike Burmester, and Breno de Medeiros


Protocols proven secure in universally composable models remain secure under concurrent and modular composition, and may be easily plugged into more complex protocols without having their security re-assessed with each new use. Recently, a universally composable framework has been proposed for Radio-Frequency Identification (RFID) authentication protocols, that simultaneously provides for availability, anonymity, and authenticity. In this paper we extend that framework to support key-compromise and forward-security issues. We also introduce new, provably secure, and highly practical protocols for anonymous authentication and key-exchange by RFID devices. The new protocols are lightweight, requiring only a pseudo-random bit generator. The new protocols satisfy forward-secure anonymity, authenticity, and availability requirements in the Universal Composability model. The proof exploits pseudo-randomness in the standard model.

Note: Modified section 7.

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. RFID Authentication Protocols, key exchange, anonymity, forward security, universal composability
Contact author(s)
levan @ cs fsu edu
2006-12-05: revised
2006-12-04: received
See all versions
Short URL
Creative Commons Attribution


      author = {Tri van Le and Mike Burmester and Breno de Medeiros},
      title = {Universally Composable and Forward Secure RFID Authentication and Key Exchange},
      howpublished = {Cryptology ePrint Archive, Paper 2006/448},
      year = {2006},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.