Paper 2007/407

Provably Secure Grouping-proofs for RFID tags

Mike Burmester, Breno de Medeiros, and Rossana Motta

Abstract

We investigate an application of RFIDs referred to in the literature as group scanning, in which several tags are "simultaneously" scanned by a reader device. Our goal is to study the group scanning problem in strong adversarial models. We present a security model for this application and give a formal description of the attending security requirements, focusing on the privacy (anonymity) of the grouped tags, and/ or forward-security properties. Our model is based on the Universal Composability framework and supports re usability (through modularity of security guarantees). We introduce novel protocols that realize the security models, focusing on efficient solutions based on off-the-shelf components, such as highly optimized pseudo-random function designs that require fewer than 2000 Gate-Equivalents.

Note: Withdrawal: two protocols in this paper are flawed. A revised version with a new co-author