Skip to main content
SpringerLink
Log in

Narrow privacy and desynchronization in Vaudenay’s RFID model

  • Regular Contribution
  • Published:
International Journal of Information Security Aims and scope Submit manuscript

Abstract

Forward privacy of RFID systems and its relaxed version, narrow forward privacy, are generally considered satisfactory for practical needs. Unfortunately, the attempt to get forward privacy by symmetric-key cryptography failed. Also, all symmetric-key cryptography-based RFID systems proposed so far that are strictly narrow forward private (that is, narrow forward private but not forward private) suffer from desynchronization. Under these circumstances, the question whether the attempt to exceed these limits is doomed to failure or not was frequently asked. The paper we are proposing wants to clarify this matter. Thus, we show that forward privacy in Vaudenay’s RFID model cannot be achieved with symmetric-key cryptography. Then, we show that strictly narrow forward privacy can be achieved with symmetric-key cryptography only by RFID systems with unbounded desynchronization. This last result holds for strictly narrow destructive privacy and strictly narrow strong privacy too, if one wants to achieve them with symmetric-key cryptography.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4

Similar content being viewed by others

References

  1. Armknecht, F., Sadeghi, A.R., Scafuro, A., Visconti, I., Wachsmann, C.: Impossibility results for RFID privacy notions. In: Gavrilova, M.L., Tan, C.J.K., Moreno, E.D. (eds.) Transactions on Computational Science XI, pp. 39–63. Springer, Berlin, Heidelberg (2010)

    Chapter  Google Scholar 

  2. Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: SIMON and SPECK: block ciphers for the internet of things. IACR Cryptology ePrint Archive 2015, 585 (2015)

    MATH  Google Scholar 

  3. Beaulieu, R., Shors, D., Smith, J., Treatman-Clark, S., Weeks, B., Wingers, L.: The SIMON and SPECK lightweight block ciphers. In: Proceedings of the 52nd Annual Design Automation Conference, DAC ’15, pp. 175:1–175:6. ACM, New York, USA (2015). https://doi.org/10.1145/2744769.2747946

  4. Canard, S., Coisel, I.: Data synchronization in privacy-preserving RFID authentication schemes. In: Conference on RFID Security (2008)

  5. Ţiplea, F.L.: Lessons to be learned for a good design of private RFID schemes. IEEE Trans. Depend. Secur. Comput. (2021)

  6. Dimitriou, T.: Key evolving RFID systems: forward/backward privacy and ownership transfer of RFID tags. Ad Hoc Netw. 37, 195–208 (2016). https://doi.org/10.1016/j.adhoc.2015.08.019

    Article  Google Scholar 

  7. Finkenzeller, K.: RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification, 3rd edn. Wiley (2010)

  8. Garcia, F.D., van Rossum, P.: Modeling privacy for off-line RFID systems. In: Gollmann, D., Lanet, J.L., Iguchi-Cartigny, J. (eds.) Smart Card Research and Advanced Application, pp. 194–208. Springer, Berlin Heidelberg, Berlin, Heidelberg (2010)

    Chapter  Google Scholar 

  9. Hermans, J., Pashalidis Andreasand Vercauteren, F., Preneel, B.: A new RFID privacy model. In: V. Atluri, C. Diaz (eds.) Computer Security—ESORICS 2011, pp. 568–587. Springer, Berlin, Heidelberg (2011)

  10. Hermans, J., Peeters, R., Preneel, B.: Proper RFID privacy: model and protocols. IEEE Trans. Mobile Comput. 13(12), 2888–2902 (2014). https://doi.org/10.1109/TMC.2014.2314127

    Article  Google Scholar 

  11. Hristea, C., Ţiplea, F.L.: Privacy of stateful RFID systems with constant tag identifiers. IEEE Trans. Inf. Forensics Secur. 15, 1920–1934 (2019). https://doi.org/10.1109/TIFS.2019.2953398

    Article  Google Scholar 

  12. Hristea, C., Ţiplea, F.L.: A PUF-based destructive private mutual authentication RFID protocol. In: J.L. Lanet, C. Toma (eds.) Innovative Security Solutions for Information Technology and Communications. Springer (2019)

  13. Juels, A., Weis, S.A.: Defining strong privacy for RFID. Cryptology ePrint Archive, Report 2006/137 (2006). https://eprint.iacr.org/2006/137

  14. Juels, A., Weis, S.A.: Defining strong privacy for RFID. ACM Trans. Inf. Syst. Secur. 13(1), 7:1–7:23 (2009). https://doi.org/10.1145/1609956.1609963

  15. Katz, J., Lindell, Y.: Introduction to Modern Cryptography, 2nd edn. Chapman & Hall/CRC (2014)

  16. de Koning Gans, G., Garcia, F.D.: Towards a practical solution to the RFID desynchronization problem. In: S.B. Ors Yalcin (ed.) Radio Frequency Identification: Security and Privacy Issues, pp. 203–219. Springer, Berlin, Heidelberg (2010)

  17. Li, Y., Deng, H.R., Bertino, E.: RFID Security and Privacy. Synthesis Lectures on Information Security, Privacy, and Trust. Morgan & Claypool Publishers (2013). https://doi.org/10.2200/S00550ED1V01Y201311SPT007

  18. Ng, C.Y., Susilo, W., Mu, Y., Safavi-Naini, R.: New privacy results on synchronized RFID authentication protocols against tag tracing. In: Proceedings of the 14th European Conference on Research in Computer Security, ESORICS’09, pp. 321–336. Springer, Berlin, Heidelberg (2009)

  19. Paise, R.I., Vaudenay, S.: Mutual authentication in RFID: Security and privacy. In: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS ’08, pp. 292–299. ACM, New York, NY, USA (2008). https://doi.org/10.1145/1368310.1368352

  20. Preneel, B.: Cryptography best practices (2018). https://secappdev.org/handouts-2018.html

  21. Sipser, M.: Introduction to the Theory of Computation. Cengage Learning (2012)

  22. Vaudenay, S.: On privacy models for RFID. In: Proceedings of the Advances in Crypotology 13th International Conference on Theory and Application of Cryptology and Information Security, ASIACRYPT’07, pp. 68–87. Springer, Berlin, Heidelberg (2007)

  23. Ţiplea, F.L., Hristea, C.: PUF protected variables: a solution to RFID security and privacy under corruption with temporary state disclosure. IEEE Trans. Inf. Forensics Secur. 16, 999–1013 (2021). https://doi.org/10.1109/TIFS.2020.3027147

    Article  Google Scholar 

Download references

Acknowledgements

The author would like to thank the anonymous referees for useful and constructive comments that led to an improvement of this paper.

Author information

Authors and Affiliations

  1. Department of Computer Science, Alexandru Ioan Cuza University of Iaşi, Iaşi, Romania

    Ferucio Laurenţiu Ţiplea

  2. Simion Stoilow Institute of Mathematics of the Romanian Academy, Bucharest, Romania

    Ferucio Laurenţiu Ţiplea

Authors
  1. Ferucio Laurenţiu Ţiplea
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Ferucio Laurenţiu Ţiplea.

Ethics declarations

Conflict of Interest

The author declares that he has no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by the author.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Ţiplea, F.L. Narrow privacy and desynchronization in Vaudenay’s RFID model. Int. J. Inf. Secur. 21, 563–575 (2022). https://doi.org/10.1007/s10207-021-00569-0

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10207-021-00569-0

Search

Navigation