Privacy-Friendly Authentication in RFID Systems: On Sublinear Protocols Based on Symmetric-Key Cryptography

dc.cclicenceCC-BY-NCen
dc.contributor.authorBingol, Muhammed Ali
dc.contributor.authorAvoine, Gildas
dc.contributor.authorCarpent, Xavier
dc.contributor.authorOrs, Berna
dc.date.acceptance2012-08-03
dc.date.accessioned2020-06-30T14:38:37Z
dc.date.available2020-06-30T14:38:37Z
dc.date.issued2013-10-10
dc.descriptionThe Publisher's final version can be found by following the DOI linken
dc.description.abstractThe recent advent of ubiquitous technologies has raised an important concern for citizens: the need to protect their privacy. So far, this wish was not heard of industrials, but national and international regulation authorities, as the European Commission recently published some guidelines to enforce customers' privacy in RFID systems: "Privacy by designâ is the way to be followed as stated in EC Recommendation of 12.5.2009. Research on privacy is an active domain but there is still a wide gap between theory and everyday life's applications. Filling this gap will require academia to design protocols and algorithms that fit the real-life constraints. In this paper, we provide a comprehensive analysis of privacy-friendly authentication protocols devoted to RFID that: 1) are based on well-established symmetric-key cryptographic building blocks; 2) require a reader complexity lower than O(N) where N is the number of provers in the system. These two properties are sine qua non conditions for deploying privacy-friendly authentication protocols in large-scale applications, for example, access control in mass transportation. We describe existing protocols fulfilling these requirements and point out their drawbacks and weaknesses. We especially introduce attacks on CHT, CTI,YA-TRAP*, and the variant of OSK/AO with mutual authentication. We also raise that some protocols, such as O-RAP, O-FRAP, and OSK/BF, are not resistant to timing attacks. Finally, we select some candidates that are, according to our criteria, the most appropriate ones for practical uses.en
dc.exception.ref2021codes252cen
dc.funderNo external funderen
dc.identifier.citationAvoine, G., Bingol, M.A. Carpent, X., Berna, S., Yalcin, O. (2013) Privacy-Friendly Authentication in RFID Systems: On Sublinear Protocols Based on Symmetric-Key Cryptography. IEEE Transactions on Mobile Computing,12(10), pp. 2037–2049.en
dc.identifier.doihttps://doi.org/10.1109/tmc.2012.174
dc.identifier.issn1536-1233
dc.identifier.urihttps://dora.dmu.ac.uk/handle/2086/19881
dc.language.isoenen
dc.peerreviewedYesen
dc.publisherIEEEen
dc.researchinstituteCyber Technology Institute (CTI)en
dc.subjectProtocolsen
dc.subjectPrivacyen
dc.subjectAuthenticationen
dc.subjectRFIDen
dc.subjectComplexity theoryen
dc.subjectcryptographyen
dc.subjectattacksen
dc.titlePrivacy-Friendly Authentication in RFID Systems: On Sublinear Protocols Based on Symmetric-Key Cryptographyen
dc.typeArticleen

Files

Original bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
Bingol_Privacy_friendly_RFID.pdf
Size:
1.2 MB
Format:
Adobe Portable Document Format
Description:
Main Article - Accepted manuscript
License bundle
Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
4.2 KB
Format:
Item-specific license agreed upon to submission
Description: