Abstract
Vaudenay presented in [ASIACRYPT 2007] a general RFID security and privacy model that abstracts some previous works in a single, concise, and much more understandable framework. He introduced eight distinct notions of privacy, corresponding to adversaries of different strength, and proved some possibility and impossibility results for such privacy notions. However, some interesting problems as: 1) achieving stronger privacy using low-cost tags (i.e., tags that usually can not perform public-key cryptography), 2) achieving stronger privacy in presence of side-channel attacks (e.g., DoS attacks, detection of the outputs of identification protocols), and 3) achieving stronger privacy under standard complexity-theoretic assumptions, are still left open.
In this paper, we address the above problems and give two contributions.
First of all we show that Vaudenay’s privacy notions are impossible to achieve in presence of DoS attacks. Therefore, we extend the model to better reflect the real-world scenario, where these attacks are easy to mount (e.g., by physically destroying/making inactive tags). More precisely, we refine Vaudenay’s privacy model to deal with DoS and DoS-like attacks, and introduce an additional privacy notion, referred to as semi-destructive privacy, which takes into account hardware features of some real-world tags. Then, we show an efficient RFID protocol that, by only using symmetric-key cryptography, satisfies the notion of semi-destructive privacy, under standard complexity-theoretic assumptions.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Avoine, G.: Adversarial model for radio frequency identification. Cryptology ePrint Archive, Report 2005/049 (2005), http://eprint.iacr.org/2005/049
Juels, A., Weis, S.A.: Defining strong privacy for RFID. Cryptology ePrint Archive, Report 2006/137 (2006), http://eprint.iacr.org/2006/137
Damgård, I., Østergaard, M.: RFID security: Tradeoffs between security and efficiency. In: RSA Conference, Cryptographers’ Track, pp. 318–332 (2008)
Burmester, M., van Le, T., de Medeiros, B.: Provably secure ubiquitous systems: Universally composable RFID authentication protocols. In: Proceedings of Second International Conference on Security and Privacy in Communication Networks (SecureComm), pp. 1–9. IEEE Computer Society, Los Alamitos (2006)
Vaudenay, S.: On privacy models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)
Ng, C.Y., Susilo, W., Mu, Y., Safavi-Naini, R.: RFID privacy models revisited. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 251–266. Springer, Heidelberg (2008)
Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Proceedings of the Annual Conference on Computer and Communications Security, CCS (1994)
Sadeghi, A., Visconti, I., Wachsmann, C.: Anonymizer-enabled security and privacy for rfid. In: Conference on RFID Security 2009, Leuven, Belgium (2009)
Sadeghi, A., Visconti, I., Wachsmann, C.: User privacy in transport systems based on RFID e-tickets. In: International Workshop on Privacy in Location-Based Applications (PiLBA), Malaga, Spain, October 9 (2008)
Bocchetti, S.: Security and privacy in rfid protocols, master thesis (2006)
D’Arco, P., Scafuro, A., Visconti, I.: Revisiting DoS Attacks and Privacy in RFID-Enabled Networks. Full version
Bellare, M., Namprempre, C.: Authenticated encryption: Relations among notions and analysis of the generic composition paradigm. In: Okamoto, T. (ed.) ASIACRYPT 2000. LNCS, vol. 1976, p. 531. Springer, Heidelberg (2000)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
D’Arco, P., Scafuro, A., Visconti, I. (2009). Revisiting DoS Attacks and Privacy in RFID-Enabled Networks. In: Dolev, S. (eds) Algorithmic Aspects of Wireless Sensor Networks. ALGOSENSORS 2009. Lecture Notes in Computer Science, vol 5804. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-05434-1_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-05434-1_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-05433-4
Online ISBN: 978-3-642-05434-1
eBook Packages: Computer ScienceComputer Science (R0)