Publication Type
Journal Article
Version
publishedVersion
Publication Date
5-2018
Abstract
A comprehensive privacy model plays a vital role in the design of privacy-preserving RFID authentication protocols. Among various existing RFID privacy models, indistinguishability-based (ind-privacy) and unpredictability-based (unp-privacy) privacy models are the two main categories. Unp*-privacy, a variant of unp-privacy has been claimed to be stronger than ind-privacy. In this paper, we focus on studying RFID privacy models and have three-fold contributions. We start with revisiting unp*-privacy model and figure out a limitation of it by giving a new practical traceability attack which can be proved secure under unp*-privacy model. To capture this kind of attack, we improve unp*-privacy model to a stronger one denoted as unp(tau)-privacy. Moreover, we prove that our proposed privacy model is stronger than ind-privacy model. Then, we explore the relationship between unp*-privacy and ind-privacy, and demonstrate that they are actually not comparable, which is in contrast to the previous belief. Next, we present a new RFID mutual authentication protocol and prove that it is secure under unp(tau)-privacy model. Finally, we construct a RFID mutual authentication model denoted as MA model, and show that unp(tau)-privacy implies MA, which gives a reference to design a privacy-preserving RFID mutual authentication protocol. That is, if we propose a scheme that satisfies unp(tau)-privacy, then it also supports mutual authentication. (C) 2018 Elsevier B.V. All rights reserved.
Keywords
RFID, Privacy models, Mutual authentication, Cryptographic protocols
Discipline
Information Security
Research Areas
Information Systems and Management
Publication
Future Generation Computer Systems
Volume
82
First Page
315
Last Page
326
ISSN
0167-739X
Identifier
10.1016/j.future.2017.12.044
Publisher
Elsevier
Citation
YANG, Anjia; ZHUANG, Yunhui; WENG, Jian; HANCKE, Gerhard; WONG, Duncan S.; and YANG, Guomin.
Exploring relationship between indistinguishability-based and unpredictability-based RFID privacy models. (2018). Future Generation Computer Systems. 82, 315-326.
Available at: https://ink.library.smu.edu.sg/sis_research/7297
Creative Commons License
This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.
Additional URL
http://doi.org/10.1016/j.future.2017.12.044