Universally composable RFID identification and authentication protocols

ACM Transactions on Information and System Security

Volumn 12, Issue 4, 2009, Pages

  Burmester, Mike ^a   Van Le, Tri ^b   De Medeiros, Breno ^b   Tsudik, Gene ^c  

^a FLORIDA STATE UNIVERSITY   (United States)

^b GOOGLE INC   (United States)

^c UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

Authentication and key exchange protocols; RFID security; Universal composability

Indexed keywords

AUTHENTICATION PROTOCOLS; BACK-END SERVERS; COMPUTATIONAL BURDEN; COMPUTATIONAL LOADS; COST-SENSITIVE; KEY-EXCHANGE PROTOCOL; MINIMAL INTERACTIONS; PROVABLY SECURE; RF-ID TAGS; RFID APPLICATIONS; RFID SECURITY; SECURITY AND PRIVACY; UBIQUITOUS APPLICATION; UNIVERSAL COMPOSABILITY; UNIVERSALLY COMPOSABLE; UNIVERSALLY COMPOSABLE SECURITY;

AUTHENTICATION; NETWORK PROTOCOLS; RADIO NAVIGATION;

NETWORK SECURITY;

EID: 76849106311     PISSN: 10949224     EISSN: 15577406     Source Type: Journal    
DOI: 10.1145/1513601.1513603     Document Type: Article

References (46)

1. ANDERSON, R. 2000. Two remarks on public-key cryptology. In Proceedings of the 4th Annual Conference on Computer and Communications Security(CCS'00).
2. ATENIESE, G., CAMENISCH, J., AND DE MEDEIROS, B. 2005. Untraceable RFID tags via insubvertible encryption. In Proceedings of the ACM Conference on Computer and Communication Security (CCS'05). 92-101.
3. AVOINE, G. AND OECHSLIN, P. 2005. A scalable and provably secure hash-based RFID protocol. In Proceedings of the IEEE International Conference on Pervasive Computing and Communications (PerCom'05). 110-114.
4. BEAVER, D. 1991a. Foundations of secure interactive computing. In Proceedings of the Confer-ences of the Advances in Cryptology (CRYPTO '91). Lecture Notes in Computer Science, vol.576, 377-391.
5. BEAVER, D. 1991b. Secure multi-party protocols and zero-knowledge proof systems tolerating a faulty minority. J. Crypt. 4, 2, 75-122.
6. BEAVER, D. AND GOLDWASSER, S. 1989.Multiparty computation with faultymajority. In Proceed-ings of the Conference on the Advances in Cryptology (CRYPTO'89). Lecture Notes in Computer Science, vol.435. 589-590.
7. BONO, S. C., GREEN,M., STUBBLEFIELD, A., RUBIN, A. J. A. D., AND SZYDLO, M. 2005. Security analysis of a cryptographically-enabled RFID device. In Proceedings of the USENIX Security Symposium (Security'05). USENIX, 1-16.
8. BURMESTER, M., DE MEDEIROS, B., AND MOTTA, R. 2008. Robust, anonymous RFID authentication with constant key-lookup. In Proceedings of the ACMSymposium on Information, Computer and Communications Security (ASIACCS'08). 283-291.
9. BURMESTER, M., VAN LE, T., AND DE MEDEIROS, B. 2006. Provably secure ubiquitous systems: Universally composable RFID authentication protocols. In Proceedings of the 2nd IEEE/CreateNet International Conference on Security and Privacy in Communication Networks (SECURECOMM'06). IEEE Press.
10. CANETTI, R. 1995. Studies in secure multiparty computation and application. Ph.D. thesis, Weizmann Institute of Science.
11. CANETTI, R. 2000. Security and composition of multi-party cryptographic protocols. J. Crypt. 13, 1, 143-202.
12. CANETTI, R. 2001. Universally composable security: A new paradigm for cryptographic protocols. In Proceedings of the IEEE Symposium on Foundations of Computer Science (FOCS'01). 136-145.
13. CANETTI, R. AND FISCHLIN, M. 2001. Universally composable commitments (extended abstract). In Proceedings of the Conference on the Advances in Cryptology (CRYPTO'01). Lecture Notes in Computer Science, vol.2139, 19.
14. CANETTI, R. AND HERZOG., J. 2004. Universally composable symbolic analysis of cryptographic protocols (the case of encryption-based mutual authentication and key exchange). Tech. rep. E-print rep. # 2004/334, International Association for Cryptological Research.
15. CANETTI, R. AND KRAWCZYK, H. 2001. Universally composable notions of key exchange and secure channels (extended abstract). In Proceedings of the Conference on the Advances in Cryptology (EUROCRYPT'02). Lecture Notes in Computer Science, vol.2332, 337.
16. CANETTI, R., LINDELL, Y., OSTROVSKY, R., AND SAHAI, A. 2002. Universally composable twoparty and multi-party secure computation. In Proceedings of the ACM Symposium on Theory of Computing (STOC'02). vol.34, 494-503.
17. COPPERSMITH, D., KRAWCZYK, H., AND MANSOUR, Y. 1994. The shrinking generator. In Proceed-ings of the Conference on the Advances in Cryptology (CRYPTO'93). Lecture Notes in Computer Science, 22-39.
18. EPC GLOBAL. EPC tag data standards, vs. 1.3. http://www.epcglobalinc.org/ standards/EPCglobal Tag Data Standard TDS Version 1.3.pdf.
19. GILBERT, H., RODSHAW, M., AND SIBERT, H. 2005. An active attack against HB+: A provably secure lightweight authentication protocol. Tech. rep., International Association for Cryptological Research.
20. GOLDREICH, O. 2001. The Foundations of Cryptography. Cambridge University Press.
21. GOLDREICH, O., GOLDWASSER, S., AND MICALI, S. 1986. How to construct pseudorandom functions. J. ACM 33, 4, 792-807.
22. GOLDREICH, O., MICALI, S., AND WIDGERSON, A. 1987. How to play any mental game. In Proceedings of the 19th Symposium on Theory of Computing (STOC'87). 218-229.
23. HELL, M., JOHANSSON, T., AND MEIER, W. 2005. Grain: A stream cipher for constrained environments. Tech. rep. eSTREAM # 2005/010, European Network of Excellence for Cryptology.
24. HERZBERG, A., KRAWCZYK, H., AND TSUDIK, G. 1994. On traveling incognito. In Proceedings of the IEEE Workshop on Mobile Systems and Applications (MobiSys'94). IEEE Press.
25. HOFHEINZ, D., MÜLLER-QUADE, J., AND STEINWANDT, R. 2003. Initiator-resilient universally composable key exchange. In Proceedings of the European Symposium on Research in Computer Security (ESORICS'03). Lecture Notes in Computer Science, vol.2808, 61-84.
26. ISO/IEC. Standard # 18000. RFID air interface standard. http://www.hightechaid.com/standards/18000.htm.
27. JUELS, A. AND WEIS, S. A. 2005. Authenticating pervasive devices with human protocols. In Proceedings of the Conference on the Advances in Cryptology (CRYPTO'05). Lecture Notes in Computer Science, vol.3621, 293.
28. KATZ, J. AND SHIN, J. S. 2006. Parallel and concurrent security of the HB and HB+ protocols. In Proceedings of the Conference on the Advances in Cryptology (CRYPTO06).
29. KFIR, Z. AND WOOL, A. 2005. Picking virtual pockets using relay attacks on contactless smartcard. In Proceedings of the 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05). 47-58.
30. LAUD, P. 2005. Formal analysis of crypto protocols: Secrecy types for a simulatable cryptographic library. In Proceedings of the ACM Conference on Computer and Communication Security (CCS'05). 26-35.
31. LEE, H. AND HONG, D. 2006. The tag authentication scheme using self-shrinking generator on RFID system. In Proceedings of the World Academy of Science, Engineering and Technology (WASET'06). Vol.18, 52-57.
32. MAXIMOV, A. 2006. Cryptanalysis of the "grain" family of stream ciphers. In Proceedings of the ACM Symposium on Information, Computer and Communications Security (ASIACCS'06). 283-288.
33. MOLNAR, D., SOPPERA, A., AND WAGNER, D. 2006. A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags. In Proceedings of the Workshop on Selected Areas in Cryptography (SAC'05). Lecture Notes in Computer Science, vol.3897. Springer.
34. NETWORK OF EXCELLENCE WITHIN THE INFORMATION SOCIETIES TECHNOLOGY (IST) PROGRAMME OF THE EUROPEAN COMMISSION. Estream: The stream cipher project. http://www.ecrypt.eu.org/stream.
35. OREN, Y. AND SHAMIR, A. 2006. Power analysis of RFID tags. http://www.wisdom.weizmann.ac.il/?yossio/rfid/.
36. PFITZMANN, B. AND WAIDNER, M. 2000. Composition and integrity preservation of secure reactive systems. In Proceedings of the ACM Conference on Computer and Communication Security (CCS'00). 245-254.
37. PFITZMANN, B. AND WAIDNER, M. 2001. A model for asynchronous reactive systems and its application to secure message transmission. In Proceedings of the IEEE Symposium on Security and Privacy (SP'01). 184-200.
38. REDL, S., WEBER, M., AND OLIPHANT, M. 1998. GSM and Personal Communications Handbook. Artech House.
39. REID, J., NIETO, J. G., TANG, T., AND SENADJI, B. 2007. Detecting relay attacks with timing based protocols. In Proceedings of the ACM Symposium on Information, Computer, and Commu-nications Security (ASIACCS'07). 204-213.
40. SHARMA, S. E., WANG, S. A., AND ENGELS, D. W. 2003. RFID systems and security and privacy implications. In Proceedings of the Workshop on Cryptographic Hardware and Embedded Systems (CHES'02). Lecture Notes in Computer Science, vol.2523. Springer, 454-469.
41. STEINER, J., NEUMAN, B., AND SCHILLER, J. 1988. Kerberos: An authentication service for open network systems. In Proceedings of the USENIX Technical Conference (USENIX'88). 191-202.
42. TAN, C., SHENG, B., AND LI, Q. 2007. Serverless search and authentication protocols for RFID. In Proceedings of the IEEE International Conference on Pervasive Computing and Communications (PerCom'07). IEEE Press.
43. TSUDIK, G. 2006. YA-TRAP: Yet another trivial RFID authentication protocol. In Proceedings of the IEEE International Conference on Pervasive Computing and Communications (PerCom'06). IEEE Press.
44. TSUDIK, G. 2007. A family of dunces: Trivial RFID identification and authentication protocols. In Privacy Enhancing Technologies. Lecture Notes in Computer Science, vol.4776. Springer, 45-61.
45. VAN LE, T., BURMESTER, M., AND DE MEDEIROS, B. 2007. Universally composable and forwardsecure RFID authentication and authenticated key exchange. In Proceedings of the ACM Symposium on Information, Computer, and Communications Security (ASIACCS'07). ACM Press.
46. YAO, A. C. 1982. Theory and application of trapdoor functions. In Proceedings of the IEEE Symposium on Foundations of Computer Science (FOCS'82). 80-91.