Abstract
The use of RFID technology in complex and distributed environments often leads to a multi-domain RFID system in which security issues such as authentication of tags and readers, granting access to data, and revocation of readers turn into an administrative challenge. In this paper, we propose a new public-key-based mutual authentication protocol that addresses the reader revocation problem while maintaining efficiency and identity privacy. In addition, our new protocol integrates fine-grained access control and key establishment with mutual authentication. The core of our solution is the use of the concepts of key-splitting and distributed signatures to solve the validation and revocation problem. We show that our protocols can be implemented on RFID tags using lightweight implementations of elliptic curve cryptography.
Chapter PDF
Similar content being viewed by others
Keywords
References
Avoine, G., Buttyan, L., Holczer, T., Vajda, I.: Group-Based Private Authentication. In: IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks. IEEE, Los Alamitos (2007)
Avoine, G., Dysli, E., Oechslin, P.: Reducing Time Complexity in RFID Systems. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 291–306. Springer, Heidelberg (2006)
Bock, H., Braun, M., Dichtl, M., Heyszl, J., Hess, E., Kargl, W., Koroschetz, H., Meyer, B., Seuschek, H.: A Milestone Towards RFID Products Offering Asymmetric Authentication Based on Elliptic Curve Cryptography. In: RFIDSec 2008 — Proceedings of the 4th Workshop on RFID Security, Budapest, Hungary, July 9-11 (2008)
Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: An Ultra-Lightweight Block Cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)
Bogdanov, A., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y.: Hash Functions and RFID Tags: Mind the Gap. In: Oswald, E., Rohatgi, P. (eds.) CHES 2008. LNCS, vol. 5154, pp. 283–299. Springer, Heidelberg (2008)
Braun, M., Hess, E., Meyer, B.: Using Elliptic Curves on RFID Tags. International Journal of Computer Science and Network Security 2, 1–9 (2008)
Buttyan, L., Holczer, T., Vajda, I.: Optimal Key-Trees for Tree-Based Private Authentication. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 332–350. Springer, Heidelberg (2006)
Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong Authentication for RFID Systems Using the AES Algorithm. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 357–370. Springer, Heidelberg (2004)
Bundesamt für Sicherheit in der Informationstechnik. Advanced Security Mechanisms for Machine Readable Travel Documents: Extended Access Control (EAC), Password Authenticated Connection Establishment (PACE), and Restricted Identification (RI), Version 2.02 (2009)
Gennaro, R., Jarecki, S., Krawczyk, H., Rabin, T.: Robust Threshold DSS Signatures. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 354–371. Springer, Heidelberg (1996)
Hong, D., Sung, J., Hong, S., Lim, J., Lee, S., Koo, B.-S., Lee, C., Chang, D., Lee, J., Jeong, K., Kim, H., Kim, J., Chee, S.: HIGHT: A New Block Cipher Suitable for Low-Resource Device. In: Goubin, L., Matsui, M. (eds.) CHES 2006. LNCS, vol. 4249, pp. 46–59. Springer, Heidelberg (2006)
Langford, S.K.: Threshold DSS Signatures without a Trusted Party. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 397–409. Springer, Heidelberg (1995)
Li, M., Poovendran, R., Falk, R., Köpf, A., Sampigethaya, K., Robinson, R., Lindelman, S., Braun, M., Seuschek, H.: Multi-Domain RFID Access Control Using Asymmetric Key Based Tag-Reader Mutual Authentication. In: ICAS2008 — Proceedings of the 26th international Congress of the Aeronautical Sciences, Anchorage, USA, September 14-19 (2008)
Lim, C., Korkishko, T.: mCryption — A Lightweight Block Cipher for Security of Low-cost RFID Tags and Sensors. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 243–258. Springer, Heidelberg (2006)
MacKenzie, P., Reiter, M.K.: Two-Party Generation of DSA Signatures. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, p. 137. Springer, Heidelberg (2001)
Meyer, U., Cordasco, J., Wetzel, S.: An Approach to Enhance Inter-Provider Roaming through Secret Sharing and its Application to WLANs. In: WMASH’05 — Proceedings of the 3rd ACM International Workshop on Wireless Mobile Applications and Services on WLAN Hotspots, New York, NY, USA, pp. 1–13. ACM, New York (2005)
Molnar, D., Wagner, D.: Privacy and Security in Library RFID: Issues, Practices, and Architectures. In: Proceedings of the ACM Conference on Computer and Communications Security. ACM, New York (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Braun, M., Meyer, U., Wetzel, S. (2010). Efficient Mutual Authentication for Multi-domain RFID Systems Using Distributed Signatures. In: Samarati, P., Tunstall, M., Posegga, J., Markantonakis, K., Sauveron, D. (eds) Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices. WISTP 2010. Lecture Notes in Computer Science, vol 6033. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12368-9_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-12368-9_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12367-2
Online ISBN: 978-3-642-12368-9
eBook Packages: Computer ScienceComputer Science (R0)