A Forward Privacy Model for RFID Authentication Protocols

  • Daisuke Moriyama
  • Miyako Ohkubo
  • Shin’ichiro Matsuo
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7886)


In this paper, we propose a new variant of indistinguishability-based security model for the RFID authentication protocol, which allows an adversary to obtain an authentication result and secret key of a target tag. Ng et al. showed that symmetric-key based RFID authentication protocols cannot be resilient to the above information leakage simultaneously in the Paise-Vaudenay security model. We review the existing result and extend the Juels-Weis security model to satisfy these properties by using a suitable restriction. Moreover, we give two example protocols that satisfy the modified security model.


RFID authentication security model forward-privacy 


  1. 1.
    Akgün, M., Çaǧlayan, M.U.: Extending an RFID security and privacy model by considering forward untraceability. In: Cuellar, J., Lopez, J., Barthe, G., Pretschner, A. (eds.) STM 2010. LNCS, vol. 6710, pp. 239–254. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  2. 2.
    Berbain, C., Billet, O., Etrog, J., Gilbert, H.: An efficient forward private RFID protocol. In: ACMCCS 2009, pp. 43–53. ACM (2009)Google Scholar
  3. 3.
    Billet, O., Etrog, J., Gilbert, H.: Lightweight privacy preserving authentication for RFID using a stream cipher. In: Hong, S., Iwata, T. (eds.) FSE 2010. LNCS, vol. 6147, pp. 55–74. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  4. 4.
    Burmester, M., Le, T.V., Medeiros, B.D., Tsudik, G.: Universally composable RFID identification and authentication protocols. ACM TISSEC 12(4(21)) (2009)Google Scholar
  5. 5.
    Coisel, I., Martin, T.: Untangling RFID privacy models. ePrint Archive, 2011/636 (2011)Google Scholar
  6. 6.
    Hermans, J., Pashalidis, A., Vercauteren, F., Preneel, B.: A new RFID privacy model. In: Atluri, V., Diaz, C. (eds.) ESORICS 2011. LNCS, vol. 6879, pp. 568–587. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  7. 7.
    Le, T.V., Burmester, M., Medeiros, B.D.: Universally composable and forward-secure RFID authentication and authenticated key exchange. In: ASIACCS 2007, pp. 242–252. ACM (2007)Google Scholar
  8. 8.
    Ng, C.Y., Susilo, W., Mu, Y., Safavi-Naini, R.: New privacy results on synchronized RFID authentication protocols against tag tracing. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 321–336. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  9. 9.
    International organization for standardization. ISO/IEC 9798: Information technology – Security techniques – Entity authentication, 1991-2010Google Scholar
  10. 10.
    Juels, A., Weis, S.A.: Defining strong privacy for RFID. In: PerCom 2007, pp. 342–347. IEEE (2007)Google Scholar
  11. 11.
    Juels, A., Weis, S.A.: Defining strong privacy for RFID. ACM TISSEC 12(1(7)) (2009)Google Scholar
  12. 12.
    Lim, C.H., Kwon, T.: Strong and robust RFID authentication enabling perfect ownership transfer. In: Ning, P., Qing, S., Li, N. (eds.) ICICS 2006. LNCS, vol. 4307, pp. 1–20. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  13. 13.
    Moriyama, D., Matsuo, S., Ohkubo, M.: Relations among notions of privacy for RFID authentication protocols. In: Foresti, S., Yung, M., Martinelli, F. (eds.) ESORICS 2012. LNCS, vol. 7459, pp. 661–678. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  14. 14.
    Ouafi, K., Phan, R.C.-W.: Traceable privacy of recent provably-secure RFID protocols. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 479–489. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  15. 15.
    Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic approach to privacy-friendly tags. In: RFID Privacy Workshop (2003)Google Scholar
  16. 16.
    Ouafi, K., Vaudenay, S.: Strong privacy for RFID systems from plaintext-aware encryption. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 247–262. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  17. 17.
    Paise, R., Vaudenay, S.: Mutual authentication in RFID: security and privacy. In: ASIACCS 2008, pp. 292–299. ACM (2008)Google Scholar
  18. 18.
    Vaudenay, S.: On privacy models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  19. 19.
    Welbourne, E., Battle, L., Cole, G., Gould, K., Rector, K., Raymer, S., Balazinska, M., Borriello, G.: Building the internet of things using RFID: The RFID ecosystem experience. IEEE Internet Computing (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Daisuke Moriyama
    • 1
  • Miyako Ohkubo
    • 1
  • Shin’ichiro Matsuo
    • 1
  1. 1.NICT, National Institute of Information and Communication s TechnologyKoganei-shiJapan

Personalised recommendations