Towards a practical solution to the RFID desynchronization problem

Authors:
Gerhard De Koning Gans;Flavio D. Garcia
Affiliations:
Institute for Computing and Information Sciences, Radboud University Nijmegen, Nijmegen, The Netherlands;Institute for Computing and Information Sciences, Radboud University Nijmegen, Nijmegen, The Netherlands
Venue:
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
Year:
2010

Citing 13
Cited 0

Privacy and security in library RFID: issues, practices, and architectures

Proceedings of the 11th ACM conference on Computer and communications security
A Scalable and Provably Secure Hash-Based RFID Protocol

PERCOMW '05 Proceedings of the Third IEEE International Conference on Pervasive Computing and Communications Workshops
YA-TRAP: Yet Another Trivial RFID Authentication Protocol

PERCOMW '06 Proceedings of the 4th annual IEEE international conference on Pervasive Computing and Communications Workshops
A Lightweight RFID Protocol to protect against Traceability and Cloning attacks

SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Anonymous RFID authentication supporting constant-cost key-lookup against active adversaries

International Journal of Applied Cryptography
Defining strong privacy for RFID

ACM Transactions on Information and System Security (TISSEC)
An efficient forward private RFID protocol

Proceedings of the 16th ACM conference on Computer and communications security
On privacy models for RFID

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
New privacy results on synchronized RFID authentication protocols against tag tracing

ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Formal Verification of Privacy for RFID Systems

CSF '10 Proceedings of the 2010 23rd IEEE Computer Security Foundations Symposium
Authenticating pervasive devices with human protocols

CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Modeling privacy for off-line RFID systems

CARDIS'10 Proceedings of the 9th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Application
RFID security and privacy: a research survey

IEEE Journal on Selected Areas in Communications

Quantified Score

Hi-index	0.00

Visualization

Abstract

Even though RFID technology has expanded enormously, this expansion has been hindered by privacy concerns. In order to prevent an adversary from tracking RFID tags and thus breaking location privacy, tags have to update their internal state with every authentication attempt. Although this technique solves the privacy problem, it has the side effect that tags and back office might desynchronize. This desynchronization can be caused by physical conditions or by adversarial intervention. If we look at consumer product identification, RFID labels and barcodes are bound to coexist for quite some time. In this paper we exploit this coexistence to reduce the workload at the reader/backoffice and allow re-synchronization. Concretely, we propose an authentication protocol that achieves correctness, forward-privacy under mild additional assumptions and synchronization in the random oracle model.