Abstract
Radio Frequency IDentifications (RFID) are useful low-cost devices for identification or authentication systems through wireless communication. The ownership of the RFID tag is frequently changed in the life cycle of the tag, it may fall in to the hands of a malicious adversary. The privacy problem in this situation is studied in the RFID ownership transfer protocol. However, almost all literatures provide only heuristic analysis and many protocols are broken. Elkhiyaoui et al. defined the security model for RFID ownership transfer protocols and proposed the detailed security proof to their protocol, but we show that their protocol does not provide enough privacy and cover the realistic attack. We investigate a suitable security model for RFID ownership transfer protocols and provide a new provably secure RFID ownership transfer protocol.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abyaneh, M.R.S.: On the privacy of two tag ownership transfer protocols for RFIDs. In: ICITST 2011, pp. 11–14. IEEE (2011)
Billet, O., Etrog, J., Gilbert, H.: Lightweight privacy preserving authentication for RFID using a stream cipher. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 55–74. Springer, Heidelberg (2010)
Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
Canard, S., Coisel, I.: Data synchronization in privacy-preserving RFID authentication schemes. In: RFIDSec 2008 (2008)
Cai, S., Li, Y., Li, Y., Deng, R.H.: Attacks and improvements to an RFID mutual authentication protocol and its extensions. In: WiSec 2009, pp. 51–58. ACM (2009)
Erguler, I., Anarim, E.: Security flaws in a recent RFID delegation protocol. J. Pers. Ubiquit. Comp. 16(3), 337–349 (2012)
Elkhiyaoui, K., Blass, E.-O., Molva, R.: ROTIV: RFID ownership transfer with issuer verification. ePrint Archive 2010/634 (2010)
Elkhiyaoui, K., Blass, E.-O., Molva, R.: ROTIV: RFID ownership transfer with issuer verification. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 163–182. Springer, Heidelberg (2012)
Fernà ndez-Mir, A., Trujillo-Rasua, R., Castellà -Roca, J., Domingo-Ferrer, J.: A scalable RFID authentication protocol supporting ownership transfer and controlled delegation. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 147–162. Springer, Heidelberg (2012)
Juels, A., Weis, S.A.: Defining strong privacy for RFID. ACM Transactions on Information and System Security 13(1) (2009)
Kardas, S., Akgün, M., Kiraz, M.S., Demirci, H.: Cryptanalysis of lightweight mutual authentication and ownership transfer for RFID systems. In: LightSec 2011, pp. 20–25. IEEE (2011)
Lim, C.H., Kwon, T.: Strong and robust RFID authentication enabling perfect ownership transfer. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 1–20. Springer, Heidelberg (2006)
Molnar, D., Soppera, A., Wagner, D.: A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 276–290. Springer, Heidelberg (2006)
Ng, C.Y., Susilo, W., Mu, Y., Safavi-Naini, R.: Practical RFID ownership transfer scheme. J. Comput. Sec. 19(2), 319–341 (2011)
Ouafi, K., Phan, R.C.-W.: Traceable privacy of recent provably-secure RFID protocols. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 479–489. Springer, Heidelberg (2008)
Osaka, K., Takagi, T., Yamazaki, K., Takahashi, O.: An efficient and secure RFID security method with ownership transfer. In: Wang, Y., Cheung, Y.-m., Liu, H. (eds.) CIS 2006. LNCS (LNAI), vol. 4456, pp. 778–787. Springer, Heidelberg (2007)
Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E., Li, T., Li, Y.: Vulnerability analysis of RFID protocols for tag ownership transfer. J. Comp. Net. 54(9), 1502–1508 (2010)
Paise, R.I., Vaudenay, S.: Mutual authentication in RFID. In: ASIACCS 2008, pp. 292–299. ACM (2008)
Shaohui, W.: Analysis and Design of RFID Tag Ownership Transfer Protocol. In: Jiang, L. (ed.) ICCE 2011. AISC, vol. 110, pp. 229–236. Springer, Heidelberg (2011)
Song, B., Mitchell, C.J.: Scalable RFID security protocols supporting tag ownership transfer. ComCom 34(4), 1–27 (2011)
Vaudenay, S.: On privacy models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Moriyama, D. (2013). Cryptanalysis and Improvement of a Provably Secure RFID Ownership Transfer Protocol. In: Avoine, G., Kara, O. (eds) Lightweight Cryptography for Security and Privacy. LightSec 2013. Lecture Notes in Computer Science, vol 8162. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40392-7_9
Download citation
DOI: https://doi.org/10.1007/978-3-642-40392-7_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40391-0
Online ISBN: 978-3-642-40392-7
eBook Packages: Computer ScienceComputer Science (R0)