Authors:
Ferucio Laurenţiu Ţiplea
1
;
2
and
Cristian Hristea
2
Affiliations:
1
Department of Computer Science, Alexandru Ioan Cuza University of Iaşi, Iaşi, Romania
;
2
Simion Stoilow Institute of Mathematics of the Romanian Academy, Bucharest, Romania
Keyword(s):
RFID System, Security, Privacy.
Abstract:
Complex systems based on RFID technology, such as healthcare or people identification, raise various scalability problems, timely identification of tags, security, privacy, and efficient, practical implementation. This is because such systems contain many tags, operate with private personal data, and respond promptly in concrete, practical situations to avoid malfunctions (errors in the decision process, traffic congestion, and so on). This paper proposes an RFID protocol that achieves the properties mentioned above, namely mutual authentication, destructive privacy, and constant-time identification in Vaudenay’s model with temporary state disclosure. The protocol employs just an IND-CPA secure symmetric-key encryption scheme, which makes it very efficient in implementation. To protect the secret key against adversaries with corruption capabilities, physically unclonable functions (PUFs) are used to mask it. As far as we know, this is the most practically efficient RFID protocol that
achieves mutual authentication, destructive privacy, and constant-time identification. All these key features make it suitable for applications as those above.
(More)