RFID Security: Tradeoffs between Security and Efficiency

Damgård, Ivan; Pedersen, Michael Østergaard

doi:10.1007/978-3-540-79263-5_20

Ivan Damgård¹ &
Michael Østergaard Pedersen¹

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4964))

Included in the following conference series:

Cryptographers’ Track at the RSA Conference

1145 Accesses
26 Citations

Abstract

We propose a model and definition for anonymous (group) identification that is well suited for RFID systems. This is based on the definition of Juels and Weis of strong privacy for RFID tags, where we add requirements for completeness and soundness. We also propose a weaker and more realistic definition of privacy. For the case where tags hold independent keys, we prove a conjecture by Juels and Weis, namely in a strongly private and sound RFID system using only symmetric cryptography, a reader must access virtually all keys in the system when reading a tag. It was already known from work by Molnar, Soppera and Wagner that when keys are dependent, the reader only needs to access a logarithmic number of keys, but at a cost in terms of privacy: For that system, privacy is lost if an adversary corrupts just a single tag. We propose protocols offering a new range of tradeoffs between security and efficiency. For instance, the number of keys accessed by a reader to read a tag can be significantly smaller than the number of tags while retaining soundness and privacy, as long as we assume suitable limitations on the adversary.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Ateniese, G., Camenisch, J., Joye, M., Tsudik, G.: A practical and provably secure coalition-resistant group signature scheme. In: Bellare, M. (ed.) CRYPTO 2000. LNCS, vol. 1880, pp. 255–270. Springer, Heidelberg (2000)
Chapter Google Scholar
Avoine, G.: Adversarial model for radio frequency identification. Cryptology ePrint Archive, Report 2005/049 (2005)
Google Scholar
Avoine, G., Dysli, E., Oechslin, P.: Reducing time complexity in rfid systems. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 291–306. Springer, Heidelberg (2006)
Chapter Google Scholar
Avoine, G., Oechslin, P.: A scalable and provably secure hash-based rfid protocol. In: Stajano, F., Thomas, R. (eds.) PerSec 2005, vol. 00, pp. 110–114. IEEE Computer Society Press, Los Alamitos (2005)
Google Scholar
Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., Verbauwhede, I.: An elliptic curve processor suitable for RFID-tags. Cryptology ePrint Archive, Report 2006/227 (2006)
Google Scholar
Burmester, M., van Le, T., de Medeiros, B.: Provably secure ubiquitous systems: Universally composable rfid authentication protocols. Cryptology ePrint Archive, Report 2006/131 (2006)
Google Scholar
Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)
Google Scholar
Hellman, M.E.: A cryptanalytic time-memory tradeoff. IEEE Transactions on Information Theory 26(6), 401–406 (1980)
Article MATH MathSciNet Google Scholar
Juels, A., Weis, S.A.: Defining strong privacy for rfid. In: PERCOMW 2007, vol. 1462, pp. 342–347. IEEE Computer Society Press, Los Alamitos (2007)
Google Scholar
Kiayias, A., Yung, M.: Group signatures with efficient concurrent join. In: Cramer, R.J.F. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 198–214. Springer, Heidelberg (2005)
Google Scholar
Kilian, J., Petrank, E.: Identity escrow. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 169–185. Springer, Heidelberg (1998)
Google Scholar
Molnar, D., Soppera, A., Wagner, D.: A scalable, delegatable pseudonym protocol enabling ownership transfer of rfid tags. Cryptology ePrint Archive, Report 2005/315 (2005)
Google Scholar
Ohkubo, M., Suzuki, K., Kinoshita, S.: Efficient hash-chain based rfid privacy protection scheme. In: Ubicomp, Privacy Workshop: Current Status and Future Directions (2004)
Google Scholar
de Medeiros, B., van Le, T., Burmester, M.: Universally composable and forward secure rfid authentication and key exchange. Cryptology ePrint Archive, Report 2006/448 (2006)
Google Scholar
Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and privacy aspects of low-cost radio frequency identification systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 201–212. Springer, Heidelberg (2004)
Google Scholar

Download references

Author information

Authors and Affiliations

University of Aarhus,
Ivan Damgård & Michael Østergaard Pedersen

Authors

Ivan Damgård
View author publications
You can also search for this author in PubMed Google Scholar
Michael Østergaard Pedersen
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Tal Malkin

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Damgård, I., Pedersen, M.Ø. (2008). RFID Security: Tradeoffs between Security and Efficiency. In: Malkin, T. (eds) Topics in Cryptology – CT-RSA 2008. CT-RSA 2008. Lecture Notes in Computer Science, vol 4964. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-79263-5_20

Download citation

DOI: https://doi.org/10.1007/978-3-540-79263-5_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-79262-8
Online ISBN: 978-3-540-79263-5
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics