Publication Type

Conference Proceeding Article

Publication Date

9-2010

Abstract

Formal RFID security and privacy frameworks are fundamental to the design and analysis of robust RFID systems. In this paper, we develop a new definitional framework for RFID privacy in a rigorous and precise manner. Our framework is based on a zero-knowledge (ZK) formulation [8,6] and incorporates the notions of adaptive completeness and mutual authentication. We provide meticulous justification of the new framework and contrast it with existing ones in the literature. In particular, we prove that our framework is strictly stronger than the ind-privacy model of [18], which answers an open question posed in [18] for developing stronger RFID privacy models. We also clarify certain confusions and rectify several defects in the existing frameworks. Finally, based on the protocol of [20], we propose an efficient RFID mutual authentication protocol and analyze its security and privacy. The methodology used in our analysis can also be applied to analyze other RFID protocols within the new framework.

Keywords

Design and analysis, Mutual authentication, Privacy models, RFID protocols, RFID security, RFID systems, Security and privacy, Zero knowledge

Discipline

Information Security

Research Areas

Cybersecurity

Publication

Computer Security - ESORICS 2010: 15th European Symposium on Research in Computer Security, Athens, Greece, September 20-22: Proceedings

Volume

6345

First Page

1

Last Page

18

ISBN

9783642154973

Identifier

10.1007/978-3-642-15497-3_1

Publisher

Springer Verlag

City or Country

Berlin

Copyright Owner and License

Authors

Creative Commons License

Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.

Additional URL

http://dx.doi.org/10.1007/978-3-642-15497-3_1

Share

COinS