Paper 2007/051

Forward-secure RFID Authentication and Key Exchange

Tri van Le, Mike Burmester, and Breno de Medeiros

Abstract

Security and privacy in RFID systems is an important and active research area. A number of challenges arise due to the extremely limited computational, storage and communication abilities of a typical RFID tag. This work describes two families of simple, inexpensive, and untraceable identification protocols for RFID tags. The proposed protocols involve minimal interaction between a tag and a reader and place low computational burden on the tag, requiring only a pseudo-random generator. They also impose low computational load on the back-end server. The paper also describes a universally composable security model tuned for RFID applications. By making specific setup, communication, and concurrency assumptions that are realistic in the RFID application setting, we arrive at a model that guarantees strong security and availability properties, while still permitting the design of practical RFID protocols. We show that our protocols are provably secure within the new security model. The security supports, availability, authentication, forward-secure anonymity and key exchange, and modularity. The last attribute is most appropriate for ubiquitous applications.

Note: The two protocols discussed in this paper will appear in the proceedings of 2007 ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS'07). The presentation here is intended to extend their analysis, and the context of their application

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Based on a paper to appear in the proceedings of ASIACCS'07.
Keywords
Identification protocolsRFIDsAvailabilityAnonymityAuthenticationForward security
Contact author(s)
burmester @ cs fsu edu
History
2007-02-20: received
Short URL
https://ia.cr/2007/051
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2007/051,
      author = {Tri van Le and Mike Burmester and Breno de Medeiros},
      title = {Forward-secure {RFID} Authentication and Key Exchange},
      howpublished = {Cryptology {ePrint} Archive, Paper 2007/051},
      year = {2007},
      url = {https://eprint.iacr.org/2007/051}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.