By Topic

Refresh: Weak Privacy Model for RFID Systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Li Lu ; Sch. of Comput. Sci. & Eng., Univ. of Electron. Sci. & Technol. of China, Chengdu, China ; Yunhao Liu ; Xiang-Yang Li

Privacy-Preserving Authentication (PPA) is crucial for Radio Frequency Identifcation (RFID)-enabled applications. Without appropriate formal privacy models, it is difficult for existing PPA schemes to explicitly prove their privacy. Even worse, RFID systems cannot discover potential security flaws that are vulnerable to new attacking patterns. Recently, researchers propose a formal model, termed as Strong Privacy, which strictly requires tags randomly generate their output. Adopting the Strong Privacy model, PPA schemes have to employ brute-force search in tags' authentications, which incurs unacceptable overhead and delay to large-scale RFID systems. Instead of adopting Strong Privacy, most PPA schemes improve the authentication efficiency at the cost of the privacy degradation. Due to the lack of proper formal models, it cannot be theoretically proven that the degraded PPA schemes can achieve acceptable privacy in practical RFID systems. To address these issues, we propose a weak privacy model, Refresh, for designing PPA schemes with high efficiency as well as acceptable privacy. Based on Refresh, we show that many well-known PPA schemes do not provide satisfied privacy protection, even though they achieve relatively high authentication efficiency. We further propose a Light-weight privAcy-preServing authenTication scheme, LAST, which can guarantee the privacy based on the Refresh model and realize O(1) authentication efficiency, simultaneously.

Published in:

INFOCOM, 2010 Proceedings IEEE

Date of Conference:

14-19 March 2010