Skip to main content
SpringerLink
Log in

Formal Verification of a Key Establishment Protocol for EPC Gen2 RFID Systems: Work in Progress

  • Conference paper
Foundations and Practice of Security (FPS 2011)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6888))

Included in the following conference series:

Abstract

The EPC Class-1 Generation-2 (Gen2 for short) is a standard Radio Frequency Identification (RFID) technology that has gained a prominent place on the retail industry. The Gen2 standard lacks, however, of verifiable security functionalities. Eavesdropping attacks can, for instance, affect the security of monitoring applications based on the Gen2 technology. We are working on a key establishment protocol that aims at addressing this problem. The protocol is applied at both the initial identification phase and those remainder operations that may require security, such as password protected operations. We specify the protocol using the High Level Protocol Specification Language (HLPSL). Then, we verify the secrecy property of the protocol using the AVISPA model checker tool. The results that we report show that the current version of the protocol guarantees sensitive data secrecy under the presence of a passive adversary.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Armando, A., Basin, D., Boichut, Y., Chevalier, Y., Compagna, L., Cuellar, J., Drielsma, P.H., Heám, P.C., Kouchnarenko, O., Mantovani, J., Mödersheim, S., von Oheimb, D., Rusinowitch, M., Santiago, J., Turuani, M., Viganò, L., Vigneron, L.: The AVISPA Tool for the Automated Validation of Internet Security Protocols and Applications. In: Etessami, K., Rajamani, S.K. (eds.) CAV 2005. LNCS, vol. 3576, pp. 281–285. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  2. Armando, A., Compagna, L.: SATMC: A SAT-Based Model Checker for Security Protocols. In: Alferes, J.J., Leite, J. (eds.) JELIA 2004. LNCS (LNAI), vol. 3229, pp. 730–733. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  3. Basin, D.A., Sebastian, M., Vigano, L.: OFMC: A symbolic model checker for security protocols. International Journal of Information Security 4(3), 181–208 (2005)

    Article  Google Scholar 

  4. Boichut, Y., Heam, P.C., Kouchnarenko, O., Oehl, F.: Improvements on the genet and klay technique to automatically verify security protocols. In: Automated Verification of Infinite-State Systems (AVIS 2004), Joint to ETAPS 2004, pp. 1–11 (2004)

    Google Scholar 

  5. Chevalier, Y., Compagna, L., Cuellar, J., Hankes Drieslma, P., Mantovani, J., Modersheim, S., Vigneron, L.: A High Level Protocol Specification Language for Industrial Security-Sensitive Protocols. In: Workshop on Specification and Automated Processing of Security Requirements (SAPS 2004), pp. 193–205 (2004)

    Google Scholar 

  6. Cao, T., Bertino, E., Lei, H.: Security Analysis of the SASI Protocol. IEEE Transactions on Dependable and Secure Computing 6(1), 73–77 (2008)

    Google Scholar 

  7. Dolev, D., Yao, A.: On the Security of Public-Key Protocols. IEEE Transactions on Information Theory 2(29), 198–207 (1983)

    Article  MathSciNet  MATH  Google Scholar 

  8. EPCglobal. EPC Radio-Frequency Identity Protocols Class-1 Generation-2 UHF RFID Protocol for Communications at 860-960 MHz, http://www.epcglobalinc.org/standards/

  9. Garcia-Alfaro, J., Barbeau, M., Kranakis, E.: Security Threat Mitigation Trends in Low-cost RFID Systems. In: 2nd SETOP International Workshop on Autonomous and Spontaneous Security SETOP 2009, pp. 193–207 (2009)

    Google Scholar 

  10. Juels, A.: RFID Security and Privacy: A Research Survey. IEEE Journal On Selected Aeas In Communications 24(2), 381–394 (2006)

    Article  MathSciNet  Google Scholar 

  11. Lamport, L.: The temporal logic of actions. ACM Transactions on Programming Languages and Systems 16(3), 872–923 (1994)

    Article  Google Scholar 

  12. Li, T., Deng, R.H.: Vulnerability Analysis of EMAP-An Efficient RFID Mutual Authentication Protocol. In: 2nd International Conference on Availability, Reliability and Security, pp. 238–245 (2007)

    Google Scholar 

  13. Li, T., Wang, G.: Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols. In: IFIP International Federation for Information Security, pp. 108–120 (2007)

    Google Scholar 

  14. Schneier, B.: Applied Cryptography, protocols, algorithms, and source code in C. J. Wiley & Sons, Inc. (1996)

    Google Scholar 

  15. Staake, T., Thiesse, F., Fleisch, E.: Extending the EPC Network — The Potential of RFID in Anti-Counterfeiting. In: ACM Symposium on Applied Computing, pp. 1607–1612 (2005)

    Google Scholar 

  16. Tounsi, W., Garcia-Alfaro, J., Cuppens-Boulahia, N., Cuppens, F.: Securing the Communications of Home Health Care Systems based on RFID Sensor Networks. In: 8th Annual Communication Networks and Services Research (CNSR) Conference, pp. 284–291 (2010)

    Google Scholar 

  17. Turuani, M.: The CL-Atse Protocol Analyser. In: Pfenning, F. (ed.) RTA 2006. LNCS, vol. 4098, pp. 277–286. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institut Télécom, Télécom Bretagne, CS 17607, 35576, Cesson-Sévigné, France

    Wiem Tounsi, Nora Cuppens-Boulahia, Frédéric Cuppens & Joaquin Garcia-Alfaro

Authors
  1. Wiem Tounsi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nora Cuppens-Boulahia
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Frédéric Cuppens
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Joaquin Garcia-Alfaro
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. TELECOM-Bretagne, Campus de Rennes, 2, rue de la Châtaigneraie, 35512, Cesson Sévigné Cedex, France

    Joaquin Garcia-Alfaro

  2. Université Joseph Fourier, Laboratoire Verimag, Centre Equation, 2 avenue de Vignate, 38610, Gires, France

    Pascal Lafourcade

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Tounsi, W., Cuppens-Boulahia, N., Cuppens, F., Garcia-Alfaro, J. (2012). Formal Verification of a Key Establishment Protocol for EPC Gen2 RFID Systems: Work in Progress. In: Garcia-Alfaro, J., Lafourcade, P. (eds) Foundations and Practice of Security. FPS 2011. Lecture Notes in Computer Science, vol 6888. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27901-0_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-27901-0_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-27900-3

  • Online ISBN: 978-3-642-27901-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation