Universally Composable (UC) framework provides the strongest security notion for designing fully trusted cryptographic protocols, and it is very challenging on applying UC security in the design of RFID mutual authentication protocols. In this paper, we formulate the necessary conditions for achieving UC secure RFID mutual authentication protocols which can be fully trusted in arbitrary environment, and indicate the inadequacy of some existing schemes under the UC framework. We define the ideal functionality for RFID mutual authentication and propose the first UC secure RFID mutual authentication protocol based on public key encryption and certain trusted third parties which can be modeled as functionalities. We prove the security of our protocol under the strongest adversary model assuming both the tags’ and readers’ corruptions. We also present two (public) key update protocols for the cases of multiple readers: one uses Message Authentication Code (MAC) and the other uses trusted certificates in Public Key Infrastructure (PKI). Furthermore, we address the relations between our UC framework and the zero-knowledge privacy model proposed by Deng et al.
universal composability, cryptographic protocol, RFID authentication
Computer Sciences | Information Security
IEEE Transactions on Dependable and Secure Computing
Institute of Electrical and Electronics Engineers (IEEE)
SU, Chunhua; SANTOSO, Bagus; Yingjiu LI; DENG, Robert H.; and HUANG, Xinyi.
Universally composable RFID mutual authentication. (2017). IEEE Transactions on Dependable and Secure Computing. 14, (1), 83-94. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/3341
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.