title   
  

PUF-enhanced offline RFID security and privacy

Kardaş, Süleyman and Çelik, Serkan and Yıldız, Muhammet and Levi, Albert (2012) PUF-enhanced offline RFID security and privacy. Journal of Network and Computer Applications, 35 (6). pp. 2059-2067. ISSN 1084-8045

[img]PDF - Registered users only - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
357Kb

Official URL: http://dx.doi.org/10.1016/j.jnca.2012.08.006

Abstract

RFID (Radio Frequency IDentification) based communication solutions have been widely used nowadays for mobile environments such as access control for secure system, ticketing systems for transportation, and sport events. These systems usually depend on readers that are not continuously connected to a secure backend system. Thus, the readers should be able to perform their duties even in offline mode, which generally requires the management by the readers of the susceptible data. The use of RFID may cause several security and privacy issues such as traceability of tag owner, malicious eavesdropping and cloning of tags. Besides, when a reader is compromised by an adversary, the solution to resolve these issues getting worse. In order to handle these issues, several RFID authentication protocols have been recently proposed; but almost none of them provide strong privacy for the tag owner. On the other hand, several frameworks have been proposed to analyze the security and privacy but none of them consider offline RFID system. Motivated by this need, in this paper, we first revisit Vaudenay's model, extend it by considering offline RFID system and introduce the notion of compromise reader attacks. Then, we propose an efficient RFID mutual authentication protocol. Our protocol is based on the use of physically unclonable functions (PUFs) which provide cost-efficient means to the fingerprint chips based on their physical properties. We prove that our protocol provides destructive privacy for tag owner even against reader attacks.

Item Type:Article
Uncontrolled Keywords:RFID; PUF; Security; Privacy; Compromise of reader
Subjects:UNSPECIFIED
ID Code:20552
Deposited By:Albert Levi
Deposited On:06 Dec 2012 15:56
Last Modified:02 Jul 2013 11:10

Repository Staff Only: item control page