Anonymizer-Enabled Security and Privacy for RFID
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
On RFID privacy with mutual authentication and tag corruption
ACNS'10 Proceedings of the 8th international conference on Applied cryptography and network security
Impossibility results for RFID privacy notions
Transactions on computational science XI
An almost-optimal forward-private RFID mutual authentication protocol with tag control
WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
ESORICS'11 Proceedings of the 16th European conference on Research in computer security
Hi-index | 0.00 |
Vaudenay presented in [ASIACRYPT 2007] a general RFID security and privacy model that abstracts some previous works in a single, concise, and much more understandable framework. He introduced eight distinct notions of privacy, corresponding to adversaries of different strength, and proved some possibility and impossibility results for such privacy notions. However, some interesting problems as: 1) achieving stronger privacy using low-cost tags (i.e., tags that usually can not perform public-key cryptography), 2) achieving stronger privacy in presence of side-channel attacks (e.g., DoS attacks, detection of the outputs of identification protocols), and 3) achieving stronger privacy under standard complexity-theoretic assumptions, are still left open.In this paper, we address the above problems and give two contributions.First of all we show that Vaudenay's privacy notions are impossible to achieve in presence of DoS attacks. Therefore, we extend the model to better reflect the real-world scenario, where these attacks are easy to mount (e.g., by physically destroying/making inactive tags). More precisely, we refine Vaudenay's privacy model to deal with DoS and DoS-like attacks, and introduce an additional privacy notion, referred to as semi-destructive privacy, which takes into account hardware features of some real-world tags. Then, we show an efficient RFID protocol that, by only using symmetric-key cryptography, satisfies the notion of semi-destructive privacy, under standard complexity-theoretic assumptions.