Provably Secure Ubiquitous Systems: Universally Composable RFID Authentication Protocols

This paper examines two unlinkably anonymous, simple RFID identification protocols that require only the ability to evaluate hash functions and generate random values, and that are provably secure against Byzantine adversaries. The main contribution is a universally composable security model tuned for RFID applications. By making specific setup, communication, and concurrency assumptions that are realistic in the RFID application setting, we arrive at a model that guarantees strong security and availability properties, while still permitting the design of practical RFID protocols. We show that two protocols are provably secure within the new security model. Our proofs do not employ random oracles: the protocols are shown to be secure in the standard model under the assumption that pseudo-random function families exist.
