Improved Privacy of the Tree-Based Hash Protocols Using Physically Unclonable Function

In 2004, Molnar and Wagner introduced a very appealing protocol dedicated to the identification of RFID tags. Their scheme relies on a binary tree of secrets which are shared --- for all nodes except the leaves --- amongst the tags. Hence the compromise of one tag also has implications on the other tags with whom it shares keys. We describe a new man-in-the-middle attack against this protocol which allows to break privacy even without opening tags. Moreover, it can be applied to some other RFID protocols which use correlated keys as the one described recently by Damgard and Pedersen at CT-RSA 2008. We introduce a modification of the initial scheme to allow us to thwart this and to strengthen RFID tags by implementing secrets with Physical Obfuscated Keys ( POKs ). This doing, we augment tags and scheme privacy, particularly general resistance against physical threats.

[1]  David A. Wagner,et al.  Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[2]  Ari Juels,et al.  Defining Strong Privacy for RFID , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[3]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[4]  Levente Buttyán,et al.  Group-Based Private Authentication , 2007, 2007 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks.

[5]  Blaise L. P. Gassend,et al.  Physical random functions , 2003 .

[6]  David A. Wagner,et al.  A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags , 2005, IACR Cryptol. ePrint Arch..

[7]  Levente Buttyán,et al.  Optimal Key-Trees for Tree-Based Private Authentication , 2006, Privacy Enhancing Technologies.

[8]  Srinivas Devadas,et al.  Silicon physical random functions , 2002, CCS '02.

[9]  Leonid Bolotnyy,et al.  Physically Unclonable Function-Based Security and Privacy in RFID Systems , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom'07).

[10]  Jorge Guajardo,et al.  FPGA Intrinsic PUFs and Their Use for IP Protection , 2007, CHES.

[11]  Ivan Damgård,et al.  RFID Security: Tradeoffs between Security and Efficiency , 2008, CT-RSA.

[12]  Serge Vaudenay,et al.  On Privacy Models for RFID , 2007, ASIACRYPT.

[13]  Lejla Batina,et al.  RFID-Tags for Anti-counterfeiting , 2006, CT-RSA.

[14]  David Evans,et al.  Quantifying Information Leakage in Tree-Based Hash Protocols (Short Paper) , 2006, ICICS.

[15]  Sozo Inoue,et al.  Quantitative evaluation of unlinkable ID matching schemes , 2005, WPES '05.