Conference Proceeding Article
Formal RFID security and privacy frameworks are fundamental to the design and analysis of robust RFID systems. In this paper, we develop a new definitional framework for RFID privacy in a rigorous and precise manner. Our framework is based on a zero-knowledge (ZK) formulation [8,6] and incorporates the notions of adaptive completeness and mutual authentication. We provide meticulous justification of the new framework and contrast it with existing ones in the literature. In particular, we prove that our framework is strictly stronger than the ind-privacy model of , which answers an open question posed in  for developing stronger RFID privacy models. We also clarify certain confusions and rectify several defects in the existing frameworks. Finally, based on the protocol of , we propose an efficient RFID mutual authentication protocol and analyze its security and privacy. The methodology used in our analysis can also be applied to analyze other RFID protocols within the new framework.
Design and analysis, Mutual authentication, Privacy models, RFID protocols, RFID security, RFID systems, Security and privacy, Zero knowledge
Computer Security - ESORICS 2010: 15th European Symposium on Research in Computer Security, Athens, Greece, September 20-22: Proceedings
City or Country
DENG, Robert H.; LI, Yingjiu; YUNG, Moti; and ZHAO, Yunlei.
A new framework for RFID privacy. (2010). Computer Security - ESORICS 2010: 15th European Symposium on Research in Computer Security, Athens, Greece, September 20-22: Proceedings. 6345, 1-18. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/638
Copyright Owner and License
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.