A Privacy-Preserving Grouping Proof Protocol Based on ECC with Untraceability for RFID

An RFID (Radio-Frequency IDentification) system provides the mechanism to identify tags to readers and then to execute specific RFID-enabled applications. In those applications, secure protocols using lightweight cryptography need to be developed and the privacy of tags must be ensured. In 2010, Batina et al. proposed a privacy-preserving grouping proof protocol for RFID based on ECC (Elliptic Curve Cryptography) in public-key cryptosystem. In the next year, Lv et al. had shown that Batina et al.’s protocol was insecure against the tracking attack such that the privacy of tags did not be preserved properly. Then they proposed a revised protocol based on Batina et al.’s work. Their revised protocol was claimed to have all security properties and resisted tracking attack. But in this paper, we prove that Lv et al.’s protocol cannot work properly. Then we propose a new version protocol with some nonce to satisfy the functions of Batina et al.’s privacy-preserving grouping proof protocol. Further we try the tracing attack made by Lv et al. on our protocol and prove our protocol can resist this attack to recover the untraceability.

[1]  Ari Juels,et al.  "Yoking-proofs" for RFID tags , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[2]  Steven D. Galbraith,et al.  Mathematics of Public Key Cryptography , 2012 .

[3]  Ingrid Verbauwhede,et al.  Privacy-Preserving ECC-Based Grouping Proofs for RFID , 2010, ISC.

[4]  Ben Niu,et al.  Security Analysis of a Privacy-preserving ECC-based Grouping-proof Protocol , 2011 .

[5]  Sjouke Mauw,et al.  Untraceability of RFID Protocols , 2008, WISTP.

[6]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.

[7]  Norbert Felber,et al.  ECC Is Ready for RFID - A Proof in Silicon , 2008, Selected Areas in Cryptography.

[8]  Ton van Deursen 50 Ways to Break RFID Privacy , 2010, PrimeLife.

[9]  Victor S. Miller,et al.  Use of Elliptic Curves in Cryptography , 1985, CRYPTO.

[10]  Serge Vaudenay,et al.  On Privacy Models for RFID , 2007, ASIACRYPT.

[11]  N. Koblitz Elliptic curve cryptosystems , 1987 .

[12]  Alfred Menezes,et al.  Guide to Elliptic Curve Cryptography , 2004, Springer Professional Computing.