On Privacy Models for RFID

We provide a formal model for identification schemes. Under this model, we give strong definitions for security and privacy. Our model captures the notion of a powerful adversary who can monitor all communications, trace tags within a limited period of time, corrupt tags, and get side channel information on the reader output. Adversaries who do not have access to this side channel are called narrow adversaries. Depending on restrictions on corruption, adversaries are called strong, destructive, forward, or weak adversaries. We derive some separation results: strong privacy is impossible. Narrow-strong privacy implies key agreement. We also prove some constructions: narrow-strong and forward privacy based on a public-key cryptosystem, narrow-destructive privacy based on a random oracle, and weak privacy based on a pseudorandom function.


Published in:
Advances in Cryptology - Asiacrypt 2007, 68-87
Presented at:
Advances in Cryptology - Asiacrypt 2007, Kuching, Malaysia, December 2-6, 2007
Year:
2007
Publisher:
Springer-Verlag
Laboratories:




 Record created 2007-12-04, last modified 2018-11-26

n/a:
Download fulltext
PDF

Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)