Privacy-Preserving Yoking Proof with Key Exchange in the Three-Party Setting

Wireless Personal Communications

Abstract

Yoking proof is a very useful security primitive that can be used to prove the co-existence of two or multiple entities in an identification protocol. It can be incorporated into radio frequency identification (RFID) protocols and used in many practical applications such as pharmaceutical distribution and manufacturing. However, the existing yoking proofs do not support secure key establishment, which is required in order to allow secure communication between the reader and the RFID tags after the identification process. In this paper, we propose a novel yoking proof with key exchange that allows the reader to establish a secure communication channel with the tags. We define the formal security models for yoking proof with key exchange and prove that the proposed protocol can achieve yoking proof soundness, session key security and tag identity privacy.

Acknowledgments

We would like to thank Dr. Man Ho Au, Dr. Yong Yu and the anonymous reviewers for their valuable comments and discussions on this work. We also thank Ms. Diane Coves for polishing the content of this work.

Author information

Corresponding author

Correspondence to Yangguang Tian.

Cite this article

Tian, Y., Yang, G. & Mu, Y. Privacy-Preserving Yoking Proof with Key Exchange in the Three-Party Setting. Wireless Pers Commun 94, 1017–1034 (2017). https://doi.org/10.1007/s11277-016-3667-0

  • DOI: https://doi.org/10.1007/s11277-016-3667-0
