Formal verification of a key establishment protocol for EPC gen2 RFID systems: work in progress

Authors:
Wiem Tounsi;Nora Cuppens-Boulahia;Frédéric Cuppens;Joaquin Garcia-Alfaro
Affiliations:
Institut Télécom, Télécom Bretagne, Cesson-Sévigné, France;Institut Télécom, Télécom Bretagne, Cesson-Sévigné, France;Institut Télécom, Télécom Bretagne, Cesson-Sévigné, France;Institut Télécom, Télécom Bretagne, Cesson-Sévigné, France
Venue:
FPS'11 Proceedings of the 4th Canada-France MITACS conference on Foundations and Practice of Security
Year:
2011

Citing 10
Cited 1

The temporal logic of actions

ACM Transactions on Programming Languages and Systems (TOPLAS)
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C

Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Extending the EPC network: the potential of RFID in anti-counterfeiting

Proceedings of the 2005 ACM symposium on Applied computing
Vulnerability Analysis of EMAP-An Efficient RFID Mutual Authentication Protocol

ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Security Analysis of the SASI Protocol

IEEE Transactions on Dependable and Secure Computing
Securing the Communications of Home Health Care Systems Based on RFID Sensor Networks

CNSR '10 Proceedings of the 2010 8th Annual Communication Networks and Services Research Conference
The AVISPA tool for the automated validation of internet security protocols and applications

CAV'05 Proceedings of the 17th international conference on Computer Aided Verification
The CL-Atse protocol analyser

RTA'06 Proceedings of the 17th international conference on Term Rewriting and Applications
Security threat mitigation trends in low-cost RFID systems

DPM'09/SETOP'09 Proceedings of the 4th international workshop, and Second international conference on Data Privacy Management and Autonomous Spontaneous Security
RFID security and privacy: a research survey

IEEE Journal on Selected Areas in Communications

KEDGEN2: A key establishment and derivation protocol for EPC Gen2 RFID systems

Journal of Network and Computer Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

The EPC Class-1 Generation-2 (Gen2 for short) is a standard Radio Frequency Identification (RFID) technology that has gained a prominent place on the retail industry. The Gen2 standard lacks, however, of verifiable security functionalities. Eavesdropping attacks can, for instance, affect the security of monitoring applications based on the Gen2 technology. We are working on a key establishment protocol that aims at addressing this problem. The protocol is applied at both the initial identification phase and those remainder operations that may require security, such as password protected operations. We specify the protocol using the High Level Protocol Specification Language (HLPSL). Then, we verify the secrecy property of the protocol using the AVISPA model checker tool. The results that we report show that the current version of the protocol guarantees sensitive data secrecy under the presence of a passive adversary.