This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Privacy-Friendly Authentication in RFID Systems: On Sublinear Protocols Based on Symmetric-Key Cryptography
Oct. 2013 (vol. 12 no. 10)
pp. 2037-2049
Gildas Avoine, Universite catholique de Louvain, Louvain-la-Neuve
Muhammed Ali Bingol, Tubitak Bilgem Uekae, Kocaeli
Xavier Carpent, Universite catholique de Louvain, Louvain-la-Neuve
Siddika Berna Ors Yalcin, Istanbul Technical University, Istanbul
The recent advent of ubiquitous technologies has raised an important concern for citizens: the need to protect their privacy. So far, this wish was not heard of industrials, but national and international regulation authorities, as the European Commission recently published some guidelines to enforce customers' privacy in RFID systems: "Privacy by designâ is the way to be followed as stated in EC Recommendation of 12.5.2009. Research on privacy is an active domain but there is still a wide gap between theory and everyday life's applications. Filling this gap will require academia to design protocols and algorithms that fit the real-life constraints. In this paper, we provide a comprehensive analysis of privacy-friendly authentication protocols devoted to RFID that: 1) are based on well-established symmetric-key cryptographic building blocks; 2) require a reader complexity lower than $(O(N))$ where $(N)$ is the number of provers in the system. These two properties are sine qua non conditions for deploying privacy-friendly authentication protocols in large-scale applications, for example, access control in mass transportation. We describe existing protocols fulfilling these requirements and point out their drawbacks and weaknesses. We especially introduce attacks on CHT, CTI,YA-TRAP*, and the variant of OSK/AO with mutual authentication. We also raise that some protocols, such as O-RAP, O-FRAP, and OSK/BF, are not resistant to timing attacks. Finally, we select some candidates that are, according to our criteria, the most appropriate ones for practical uses.
Index Terms:
Protocols,Privacy,Authentication,Radiofrequency identification,Complexity theory,Cryptography,attacks,Protocols,Privacy,Authentication,Radiofrequency identification,Complexity theory,Cryptography,complexity,RFID,authentication,privacy
Citation:
Gildas Avoine, Muhammed Ali Bingol, Xavier Carpent, Siddika Berna Ors Yalcin, "Privacy-Friendly Authentication in RFID Systems: On Sublinear Protocols Based on Symmetric-Key Cryptography," IEEE Transactions on Mobile Computing, vol. 12, no. 10, pp. 2037-2049, Oct. 2013, doi:10.1109/TMC.2012.174
Usage of this product signifies your acceptance of the Terms of Use.