research-article

GPS+: a back-end coupons identification for low-cost RFID

Authors:

Ethmane El Moustaine,

Maryline LaurentAuthors Info & Claims

WiSec '13: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks

Pages 73 - 78

https://doi.org/10.1145/2462096.2462109

Published: 17 April 2013 Publication History

Abstract

Security and privacy for RFID systems are very challenging topics. First, the RFID passive tags prevailing in most of the RFID applications are very limited in processing power, thus making most of the ordinary security mechanisms inappropriate. Second, tags do answer to any reader requests, for this the most innovative RFID proposed protocols are not suitable whether for privacy problems or the high cost of tags.

So far, a variety of public-key identification/authentication protocols have been proposed, but none of them satisfy both the security and privacy requirements within the acceptable restricted resources. Girault described a storage-computation trade-off approach of the famous GPS scheme for low cost RFID tag using t coupons stored on tag, but for moderate security level, this approach is still beyond current capabilities of low-cost RFID tags as storage capacity is the most expensive part of the hardware. Moreover, as we demonstrate the GPS scheme cannot be private against active adversary.

In this paper, we present a new private efficient storage-security trade-off of GPS public key scheme for low-cost RFID tags. The ideas are twofold. First, the coupons are stored only on the back-end and not on the tag, so the protocol is private, the number of coupons can be much higher than in Girault's approach, and consumed coupons can be easily replaced with new ones. Second, for authenticating to the reader, the tag only needs simple integer operations, so implemention can be done in less than 1000 gate equivalents(GEs). Our approach takes advantages of the GPS scheme, and is resistant to the classical security attacks including replays, tracking, man in the middle attacks, etc.

References

[1]

M. Girault. Low-size coupons for low-cost ic cards. In CARDIS, pages 39--50, 2000.

Digital Library

[2]

M. Girault, L. Juniot, and M. Robshaw. The Feasibility of On-the-Tag Public Key Cryptography. In Workshop on RFID Security -- RFIDSec'07, Malaga, Spain, July 2007.

[3]

M. Girault, G. Poupard, and J. Stern. On the fly authentication and signature schemes based on groups of unknown order. J. Cryptology, 19(4):463--487, 2006.

Digital Library

[4]

F. Inc. IST-1999-12324. final report of european project IST-1999-12324: New european schemes for signatures, integrity, and encryption (NESSIE), April 2004.

[5]

ISO/IEC. International standard ISO/IEC 9798 part 5: Mechanisms using zeroknowledge techniques. December 2004.

[6]

A. Juels and S. Weis. Authenticating pervasive devices with human protocols. In V. Shoup, editor, Advances in Cryptology -- CRYPTO'05, volume 3126 of Lecture Notes in Computer Science, pages 293--308, Santa Barbara, California, USA, August 2005. IACR, Springer.

Digital Library

[7]

A. Juels and S. A. Weis. Authenticating pervasive devices with human protocols. In CRYPTO, pages 293--308, 2005.

Digital Library

[8]

Y. K. Lee, L. Batina, D. Singelée, and I. Verbauwhede. Low-Cost Untraceable Authentication Protocols for RFID. In S. Wetzel, C. Nita-Rotaru, and F. Stajano, editors, WiSec'10, pages 55--64, Hoboken, New Jersey, USA, March 2010. ACM, ACM Press.

Digital Library

[9]

J. S. Marc Girault, Guillaume Poupard. On the fly authentication and signature schemes based on groups of unknown order. J. Cryptology, 19(4):463--487, 2006.

Digital Library

[10]

M. McLoone and M. J. B. Robshaw. New architectures for low-cost public key cryptography on rfid tags. In ISCAS, pages 1827--1830, 2007.

[11]

H. Niederreiter. Knapsack-type cryptosystems and algebraic coding theory. Problems Control Inform. Theory/Problemy Upravlen. Teor. Inform., 15(2):159--166, 1986.

[12]

R. Peeters and J. Hermans. Wide strong private RFID identification based on zero-knowledge. Cryptology ePrint Archive, Report 2012/389, 2012.

[13]

A. Poschmann, M. J. B. Robshaw, F. Vater, and C. Paar. Lightweight cryptography and rfid: Tackling the hidden overhead. TIIS, 4(2):98--116, 2010.

[14]

T. Sekino, Y. Cui, K. Kobara, and H. Imai. Privacy enhanced rfid using quasi-dyadic fix domain shrinking. In GLOBECOM, pages 1--5. IEEE, 2010.

[15]

S. Vaudenay. On privacy models for rfid. In ASIACRYPT, pages 68--87, 2007.

Digital Library

[16]

M. Weiser. The computer for the 21st century. Scientific American, 265(3):66--75, January 1991.

Cited By

Assidi HAyebie ESouidi E(2018)Two Mutual Authentication Protocols Based on Zero-Knowledge Proofs for RFID SystemsInformation Security and Cryptology – ICISC 201710.1007/978-3-319-78556-1_15(267-283)Online publication date: 21-Mar-2018
https://doi.org/10.1007/978-3-319-78556-1_15
Dong QDing WWei L(2015)Improvement and optimized implementation of cryptoGPS protocol for low-cost radio-frequency identification authenticationSecurity and Communication Networks10.1002/sec.10968:8(1474-1484)Online publication date: 25-May-2015
https://dl.acm.org/doi/10.1002/sec.1096
Mubarak MManan JYahya S(2014)An Implementation of a Unified Security, Trust and Privacy (STP) Framework for Future Integrated RFID SystemFuture Data and Security Engineering10.1007/978-3-319-12778-1_10(122-135)Online publication date: 2014
https://doi.org/10.1007/978-3-319-12778-1_10

Index Terms

GPS+: a back-end coupons identification for low-cost RFID
1. Security and privacy
  1. Security services
    1. Authentication

Recommendations

A hybrid approach for privacy-preserving RFID tags

Recently, there have been a considerable amount of works for privacy-preserving RFID tags. However, most existing schemes have a common, inherent problem in the fact that in order to identify only one single tag they require a linear computational ...
Designated attribute-based proofs for RFID applications
RFIDSec'12: Proceedings of the 8th international conference on Radio Frequency Identification: security and privacy issues

Recent research has shown that using public-key cryptography in order to meet privacy requirements for RFID tags is not only necessary, but also now practically feasible. This has led to the development of new protocols like the Randomized Schnorr [6] ...
Impossibility results for RFID privacy notions
Transactions on computational science XI

RFID systems have become increasingly popular and are already used in many real-life applications. Although very useful, RFIDs introduce privacy risks since they carry identifying information that can be traced. Hence, several RFID privacy models have ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

WiSec '13: Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks

April 2013

230 pages

ISBN:9781450319980

DOI:10.1145/2462096

General Chair:
Levente Buttyán
Budapest University of Technology and Economics, Hungary
,
Program Chairs:
Ahmad-Reza Sadeghi
Technische Universitaet Darmstadt, Fraunhofer SIT, Intel-CRISC, Germany
,
Marco Gruteser
Rutgers University, USA

Copyright © 2013 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

In-Cooperation

SIGMOBILE: ACM Special Interest Group on Mobility of Systems, Users, Data and Computing

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 April 2013

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

WISEC'13

Sponsor:

SIGSAC

WISEC'13: Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks

April 17 - 19, 2013

Budapest, Hungary

Acceptance Rates

WiSec '13 Paper Acceptance Rate 26 of 70 submissions, 37%;

Overall Acceptance Rate 98 of 338 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
184
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Assidi HAyebie ESouidi E(2018)Two Mutual Authentication Protocols Based on Zero-Knowledge Proofs for RFID SystemsInformation Security and Cryptology – ICISC 201710.1007/978-3-319-78556-1_15(267-283)Online publication date: 21-Mar-2018
https://doi.org/10.1007/978-3-319-78556-1_15
Dong QDing WWei L(2015)Improvement and optimized implementation of cryptoGPS protocol for low-cost radio-frequency identification authenticationSecurity and Communication Networks10.1002/sec.10968:8(1474-1484)Online publication date: 25-May-2015
https://dl.acm.org/doi/10.1002/sec.1096
Mubarak MManan JYahya S(2014)An Implementation of a Unified Security, Trust and Privacy (STP) Framework for Future Integrated RFID SystemFuture Data and Security Engineering10.1007/978-3-319-12778-1_10(122-135)Online publication date: 2014
https://doi.org/10.1007/978-3-319-12778-1_10

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten