ouafi.pdf (242.87 kB)
Privacy of recent RFID authentication protocols
conference contribution
posted on 2011-03-01, 15:25 authored by Khaled Ouafi, Raphael C.-W. PhanPrivacy is a major concern in RFID systems, especially with
widespread deployment of wireless-enabled interconnected personal de-
vices e.g. PDAs and mobile phones, credit cards, e-passports, even cloth-
ing and tires. An RFID authentication protocol should not only allow
a legitimate reader to authenticate a tag but it should also protect the
privacy of the tag against unauthorized tracing: an adversary should not
be able to get any useful information about the tag for tracking or dis-
covering the tag's identity. In this paper, we analyze the privacy of some
recently proposed RFID authentication protocols (2006 and 2007) and
show attacks on them that compromise their privacy. Our attacks con-
sider the simplest adversaries that do not corrupt nor open the tags. We
describe our attacks against a general untraceability model; from expe-
rience we view this endeavour as a good practice to keep in mind when
designing and analyzing security protocols.
History
School
- Mechanical, Electrical and Manufacturing Engineering
Citation
OUAFI, K. and PHAN, R.C.-W., 2008. Privacy of recent RFID authentication protocols. IN: Chen, L., Mu, Y. and Susilo, W. (eds.) 4th International Conference, ISPEC, Sydney, Australia, April 21-23, pp. 263-277Publisher
© Springer VerlagVersion
- AM (Accepted Manuscript)
Publication date
2008Notes
The original publication is available at www.springerlink.comISBN
3540791035;9783540791034ISSN
0302-9743Publisher version
Book series
Lecture Notes in Computer Science;Vol 4991Language
- en