Skip to main content
SpringerLink
Log in

Anonymous Authentication for RFID Systems

  • Conference paper
Radio Frequency Identification: Security and Privacy Issues (RFIDSec 2010)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 6370))

Abstract

In this paper, we present an anonymous authentication scheme that allows RFID tags to authenticate to readers without disclosing the tag identity or any other information that allows tags to be traced. The properties of our scheme are very useful for a variety of access control systems, where it is sufficient or mandatory to verify the authenticity of a tag without inferring its identity.

Our scheme is based on the recently proposed anoymizer-approach, where additional devices (called anonymizers) frequently interact with the tags to ensure anonymity and unlinkability of tags. This allows using cost-effective RFID tags that cannot perform public-key cryptography in an efficient and scalable way. Our solution provides (i) anonymity and untracability of tags against readers, (ii) secure tag authentication even against collusions of malicious readers and anonymizers, and (iii) security against denial-of-service attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Atmel Corporation: Innovative IDIC solutions (2007), http://www.atmel.com/dyn/resources/prod_documents/doc4602.pdf

  2. NXP Semiconductors: MIFARE Smartcard ICs (September 2008), http://www.mifare.net/products/smartcardics/

  3. Sadeghi, A.R., Visconti, I., Wachsmann, C.: User privacy in transport systems based on RFID e-tickets. International Workshop on Privacy in Location-Based Applications (PiLBA), Malaga, Spain (October 9, 2008)

    Google Scholar 

  4. Organization, I.C.A.: Machine Readable Travel Documents, Doc 9303, Part 1 Machine Readable Passports, 5 (edn.) (2003)

    Google Scholar 

  5. Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and privacy aspects of low-cost radio frequency identification systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 50–59. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  6. Juels, A.: RFID security and privacy: A research survey. Journal of Selected Areas in Communication 24(2), 381–395 (2006)

    Article  MathSciNet  Google Scholar 

  7. Sadeghi, A.R., Visconti, I., Wachsmann, C.: Location privacy in RFID applications. In: Bettini, C., Jajodia, S., Samarati, P., Wang, X.S. (eds.) Privacy in Location-Based Applications. LNCS, vol. 5599, pp. 127–150. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  8. Sadeghi, A.R., Visconti, I., Wachsmann, C.: On RFID privacy with mutual authentication and tag corruption. In: Zhou, J. (ed.) ACNS 2010. LNCS, vol. 6123, pp. 493–510. Springer, Heidelberg (2010)

    Google Scholar 

  9. Avoine, G.: RFID Lounge (April 2010), http://www.avoine.net/rfid/

  10. Heydt-Benjamin, T.S., Chae, H.J., Defend, B., Fu, K.: Privacy for Public Transportation. In: Danezis, G., Golle, P. (eds.) PET 2006. LNCS, vol. 4258, pp. 1–19. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  11. Blass, E.O., Kurmus, A., Molva, R., Strufe, T.: PSP: Private and secure payment with RFID. Cryptology ePrint Archive, Report 2009/181 (2009)

    Google Scholar 

  12. Bichsel, P., Camenisch, J., Groß, T., Shoup, V.: Anonymous credentials on a standard Java Card. In: Proceedings of the 11th ACM Conference on Computer and Communications Security, pp. 600–610. ACM Press, New York (2009)

    Google Scholar 

  13. Avoine, G., Lauradoux, C., Martin, T.: When compromised readers meet RFID. In: RFIDSec 2009 (2009)

    Google Scholar 

  14. Garcia, F.D., van Rossum, P.: Modeling privacy for off-line RFID systems. In: RFIDSec 2009 (2009)

    Google Scholar 

  15. Nithyanand, R., Tsudik, G., Uzun, E.: Readers behaving badly: Reader revocation in PKI-based RFID systems. Cryptology ePrint Archive, Report 2009/465 (2009)

    Google Scholar 

  16. Camenisch, J., Lysyanskaya, A.: A signature scheme with efficient protocols. In: Cimato, S., Galdi, C., Persiano, G. (eds.) SCN 2002. LNCS, vol. 2576, pp. 268–289. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. Camenisch, J., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)

    Google Scholar 

  18. Chen, L., Morrissey, P., Smart, N.P.: DAA: Fixing the pairing based protocols. Cryptology ePrint Archive, Report 2009/198 (2009)

    Google Scholar 

  19. Spirtech: CALYPSO functional specification: Card application, version 1.3. (October 2005), http://calypso.spirtech.net/

  20. Juels, A., Pappu, R.: Squealing Euros: Privacy protection in RFID-enabled banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  21. Golle, P., Jakobsson, M., Juels, A., Syverson, P.: Universal re-encryption for mixnets. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 163–178. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  22. Saito, J., Ryou, J.C., Sakurai, K.: Enhancing privacy of universal re-encryption scheme for RFID tags. In: Yang, L.T., Guo, M., Gao, G.R., Jha, N.K. (eds.) EUC 2004. LNCS, vol. 3207, pp. 879–890. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  23. Ateniese, G., Camenisch, J., de Medeiros, B.: Untraceable RFID tags via insubvertible encryption. In: Proceedings of the 12th ACM Conference on Computer and Communications Security, pp. 92–101. ACM Press, New York (2005)

    Chapter  Google Scholar 

  24. Sadeghi, A.R., Visconti, I., Wachsmann, C.: Anonymizer-enabled security and privacy for RFID. In: Garay, J.A., Miyaji, A., Otsuka, A. (eds.) CANS 2009. LNCS, vol. 5888, pp. 134–153. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  25. Avoine, G.: Adversarial model for radio frequency identification. Cryptology ePrint Archive, Report 2005/049 (2005)

    Google Scholar 

  26. Juels, A., Weis, S.A.: Defining strong privacy for RFID. Cryptology ePrint Archive, Report 2006/137 (2006)

    Google Scholar 

  27. Vaudenay, S.: On privacy models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  28. Burmester, M., Le, T.V., Medeiros, B.D., Tsudik, G.: Universally composable RFID identification and authentication protocols. ACM Transactions on Information and System Security (TISSEC) 12(4) (2009)

    Google Scholar 

  29. Liu, J.K., Baek, J., Zhou, J., Yang, Y., Wong, J.W.: Efficient online/offline identity-based signature for wireless sensor network. Cryptology ePrint Archive, Report 2010/003 (2010)

    Google Scholar 

  30. Atmel Corporation: Secure RFID: CryptoRF (July 2009), http://www.atmel.com/products/SecureRF

  31. NXP Semiconductors: MiFare SmartMX (July 2009), http://www.mifare.net/products/smartcardics/smartmx.asp

  32. Tuyls, P., Batina, L.: RFID-tags for anti-counterfeiting. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 115–131. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  33. Bolotnyy, L., Robins, G.: Physically unclonable function-based security and privacy in RFID systems. In: Proceedings of the Fifth IEEE International Conference on Pervasive Computing and Communications, pp. 211–220. IEEE Computer Society, Los Alamitos (2007)

    Chapter  Google Scholar 

  34. Devadas, S., Suh, E., Paral, S., Sowell, R., Ziola, T., Khandelwal, V.: Design and implementation of PUF-based unclonable RFID ICs for anti-counterfeiting and security applications. In: IEEE International Conference on RFID 2008, Las Vegas, NV, USA, April 16–17, pp. 58–64. IEEE Computer Society, Los Alamitos (2008)

    Chapter  Google Scholar 

  35. Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  36. Smart, N.: D.SPA.7 ECRYPT2 yearly report on algorithms and keysizes (2008-2009), http://www.ecrypt.eu.org/documents/D.SPA.7.pdf (August 2008)

  37. Chen, L., Page, D., Smart, N.: On the design and implementation of an efficient DAA scheme. In: Gollmann, D., Lanet, J.-L., Iguchi-Cartigny, J. (eds.) CARDIS 2010. LNCS, vol. 6035, pp. 223–237. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  38. Bellare, M., Desai, A., Jokipii, E., Rogawayy, P.: A concrete security treatment of symmetric encryption: Analysis of the DES modes of operation. In: Proceedings of the 38th Symposium on Foundations of Computer Science. IEEE, Los Alamitos (1997)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Mannheim, Germany

    Frederik Armknecht

  2. Hewlett Packard Labs, Bristol, UK

    Liqun Chen

  3. Horst Görtz Institute for IT-Security (HGI), Ruhr-University Bochum, Germany

    Ahmad-Reza Sadeghi & Christian Wachsmann

Authors
  1. Frederik Armknecht
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Liqun Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Ahmad-Reza Sadeghi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Christian Wachsmann
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Faculty of Electrical and Electronics Engineering, Department of Electronics and Communication Engineering, Istanbul Technical University, 34469, Istanbul, Turkey

    Siddika Berna Ors Yalcin

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Armknecht, F., Chen, L., Sadeghi, AR., Wachsmann, C. (2010). Anonymous Authentication for RFID Systems. In: Ors Yalcin, S.B. (eds) Radio Frequency Identification: Security and Privacy Issues. RFIDSec 2010. Lecture Notes in Computer Science, vol 6370. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16822-2_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-16822-2_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-16821-5

  • Online ISBN: 978-3-642-16822-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation