A PUF-Based Destructive Private Mutual Authentication RFID Protocol

  • Cristian Hristea
  • Ferucio Laurenţiu ŢipleaEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11359)


We propose the first stateful RFID protocol that offers mutual authentication and provides destructive privacy, in the Vaudenay model. In order to achieve destructive privacy we use Physically Unclonable Functions (PUFs) to assure that the internal secret of the tag remains hidden against an adversary with invasive capabilities. The proposed protocol avoids the use of pseudo random generators on tags, and provides scalability by offering a constant authentication time. For the mitigation of desynchronization attacks we propose a mechanism, on reader level, that thwarts them.


  1. 1.
    Akgün, M., Çaglayan, M.U.: Providing destructive privacy and scalability in RFID systems using PUFs. Ad Hoc Netw. 32(C), 32–42 (2015)CrossRefGoogle Scholar
  2. 2.
    Arslan, A., Kardaş, S., Çolak, S.A., Ertürk, S.: Are RNGs Achilles’ heel of RFID security and privacy protocols? Wirel. Pers. Commun. 100(4), 1355–1375 (2018)CrossRefGoogle Scholar
  3. 3.
    Avoine, G., Carpent, X., Martin, B.: Strong authentication and strong integrity (SASI) is not that strong. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 50–64. Springer, Heidelberg (2010). Scholar
  4. 4.
    Avoine, G., Coisel, I., Martin, T.: Time measurement threatens privacy-friendly RFID authentication protocols. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 138–157. Springer, Heidelberg (2010). Scholar
  5. 5.
    Bringer, J., Chabanne, H., Icart, T.: Improved privacy of the tree-based hash protocols using physically unclonable function. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) SCN 2008. LNCS, vol. 5229, pp. 77–91. Springer, Heidelberg (2008). Scholar
  6. 6.
    Canard, S., Coisel, I.: Data synchronization in privacy-preserving RFID authentication schemes. In: Conference on RFID Security (2008)Google Scholar
  7. 7.
    Canard, S., Coisel, I., Etrog, J., Girault, M.: Privacy-preserving RFID systems: model and constructions (2010).
  8. 8.
    Hermans, J., Pashalidis, A., Vercauteren, F., Preneel, B.: A new RFID privacy model. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 568–587. Springer, Heidelberg (2011). Scholar
  9. 9.
    Hermans, J., Peeters, R., Preneel, B.: Proper RFID privacy: model and protocols. IEEE Trans. Mobile Comput. 13(12), 2888–2902 (2014)CrossRefGoogle Scholar
  10. 10.
    Kardaş, S., Çelik, S., Yildiz, M., Levi, A.: PUF-enhanced offline RFID security and privacy. J. Netw. Comput. Appl. 35(6), 2059–2067 (2012)CrossRefGoogle Scholar
  11. 11.
    Kardaş, S., Kiraz, M.S., Bingöl, M.A., Demirci, H.: A novel RFID distance bounding protocol based on physically unclonable functions. In: Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS, vol. 7055, pp. 78–93. Springer, Heidelberg (2012). Scholar
  12. 12.
    Maes, R.: Physically Unclonable Functions: Constructions, Properties and Applications. Springer, Heidelberg (2013). Scholar
  13. 13.
    Paise, R.-I., Vaudenay, S.: Mutual authentication in RFID: security and privacy. In: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS 2008, pp. 292–299. ACM, New York (2008)Google Scholar
  14. 14.
    Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E., Ribagorda, A.: Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 56–68. Springer, Heidelberg (2009). Scholar
  15. 15.
    Sadeghi, A.-R., Visconti, I., Wachsmann, C.: Enhancing RFID security and privacy by physically unclonable functions. In: Sadeghi, A.R., Naccache, D. (eds.) Towards Hardware-Intrinsic Security. Information Security and Cryptography, pp. 281–305. Springer, Heidelberg (2010). Scholar
  16. 16.
    Sadeghi, A.-R., Visconti, I., Wachsmann, C.: PUF-enhanced RFID security and privacy. In: Workshop on Secure Component and System Identification (SECSI), vol. 110 (2010)Google Scholar
  17. 17.
    Sipser, M.: Introduction to the Theory of Computation. Cengage Learning, Boston (2012)zbMATHGoogle Scholar
  18. 18.
    Van Deursen, T., Radomirovic, S.: Attacks on RFID protocols (2008).
  19. 19.
    Vaudenay, S.: On privacy models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007). Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.Department of Computer ScienceAlexandru Ioan Cuza University of IaşiIaşiRomania

Personalised recommendations