A Pre-computable Signature Scheme with Efficient Verification for RFID

Passive RFID tags have limited rewritable memory for data storage and limited computation power, which pose difficulties to implement security protection on RFID tags. It has been shown that strong security and privacy protections for RFID require utilizing public-key cryptography. Unfortunately, the implementation of public key cryptography is infeasible in low-cost passive tags. With this issue in mind, in this work, we propose a pre-computable signature scheme with a very efficient signature verification algorithm for RFID applications. Our signature scheme is provably secure under the DDH assumption and a variant of q-SDH assumption. With pre-computations, no exponentiation is required in our signature verification. Our research shows that it is feasible for low-cost RFID tags to verify signatures with the basic modular multiplication only (if they have a small amount of writable memory).

[1]  Xavier Boyen,et al.  The Uber-Assumption Family , 2008, Pairing.

[2]  Yael Tauman Kalai,et al.  Improved Online/Offline Signature Schemes , 2001, CRYPTO.

[3]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[4]  Adi Shamir,et al.  Memory Efficient Variants of Public-Key Schemes for Smart Card Applications , 1994, EUROCRYPT.

[5]  Marc Fischlin,et al.  Topics in Cryptology – CT-RSA 2009 , 2009 .

[6]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[7]  Matthew Franklin,et al.  Advances in Cryptology – CRYPTO 2004 , 2004, Lecture Notes in Computer Science.

[8]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[9]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[10]  Silvio Micali,et al.  On-Line/Off-Line Digital Schemes , 1989, CRYPTO.

[11]  Kaisa Nyberg,et al.  Advances in Cryptology — EUROCRYPT'98 , 1998 .

[12]  Frank Stajano Security in Pervasive Computing , 2003, SPC.

[13]  Norbert Felber,et al.  ECC Is Ready for RFID - A Proof in Silicon , 2008, Selected Areas in Cryptography.

[14]  Marc Girault,et al.  Server-Aided Verification: Theory and Practice , 2005, ASIACRYPT.

[15]  Maire O'Neill,et al.  Low-Cost SHA-1 Hash Function Architecture for RFID Tags , 2008 .

[16]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[17]  Ari Juels,et al.  Minimalist Cryptography for Low-Cost RFID Tags , 2004, SCN.

[18]  Sean W. Smith,et al.  Batch Pairing Delegation , 2007, IWSEC.

[19]  Willy Susilo,et al.  Server-aided signatures verification secure against collusion attack , 2011, ASIACCS '11.

[20]  Dongqing Xie,et al.  Divisible On-Line/Off-Line Signatures , 2009, CT-RSA.

[21]  Refik Molva,et al.  Tracker: Security and Privacy for RFID-based Supply Chains , 2010, NDSS.

[22]  Kaoru Kurosawa,et al.  Advances in Cryptology - ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007, Proceedings , 2007, International Conference on the Theory and Application of Cryptology and Information Security.

[23]  Amos Fiat,et al.  Batch RSA , 1989, Journal of Cryptology.

[24]  Chae Hoon Lim,et al.  Server (Prover/Signer)-Aided Verification of Identity Proofs and Signatures , 1995, EUROCRYPT.

[25]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[26]  Alfredo De Santis,et al.  Advances in Cryptology — EUROCRYPT'94 , 1994, Lecture Notes in Computer Science.

[27]  Pascal Paillier,et al.  Discrete-Log-Based Signatures May Not Be Equivalent to Discrete Log , 2005, ASIACRYPT.

[28]  Shuenn-Yuh Lee,et al.  A Low-Power RFID Integrated Circuits for Intelligent Healthcare Systems , 2010, IEEE Transactions on Information Technology in Biomedicine.

[29]  Mihir Bellare,et al.  Fast Batch Verification for Modular Exponentiation and Digital Signatures , 1998, IACR Cryptol. ePrint Arch..

[30]  Masakatsu Nishigaki,et al.  Advances in Information and Computer Security - 6th International Workshop, IWSEC 2011, Tokyo, Japan, November 8-10, 2011. Proceedings , 2011, IWSEC.

[31]  Aggelos Kiayias,et al.  Polynomial Reconstruction Based Cryptography , 2001, Selected Areas in Cryptography.

[32]  Refik Molva,et al.  CHECKER: on-site checking in RFID-based supply chains , 2012, WISEC '12.

[33]  Serge Vaudenay,et al.  On Privacy Models for RFID , 2007, ASIACRYPT.

[34]  Serge Vaudenay,et al.  Mutual authentication in RFID: security and privacy , 2008, ASIACCS '08.

[35]  Jean-Jacques Quisquater,et al.  Advances in Cryptology — EUROCRYPT ’95 , 2001, Lecture Notes in Computer Science.

[36]  Steven D. Galbraith,et al.  Pairing-Based Cryptography - Pairing 2008, Second International Conference, Egham, UK, September 1-3, 2008. Proceedings , 2008, Pairing.

[37]  A. Maximov,et al.  Fast computation of large distributions and its cryptographic applications , 2005 .

[38]  W. B. Lee,et al.  Design of a RFID case-based resource management system for warehouse operations , 2005, Expert Syst. Appl..

[39]  Dan Boneh,et al.  Short Signatures Without Random Oracles and the SDH Assumption in Bilinear Groups , 2008, Journal of Cryptology.

[40]  Martin Feldhofer,et al.  A low-resource public-key identification scheme for RFID tags and sensor nodes , 2009, WiSec '09.

[41]  Matthew Green,et al.  Practical Short Signature Batch Verification , 2009, CT-RSA.