Cryptanalysis of Dimitriou's Key Evolving RFID Systems

Lee, Cheng‐Chi; Cheng, Chung-Lun; Lai, Yi‐Ting; Li, Chun-Ta

doi:10.1145/3033288.3033292

Cited by 4 publications

(2 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In this section, we shall prove that the proposed scheme satisfies all important security requirements, and the security protection is strong enough against all possible attacks. To decide on our lists of security requirements and possible attacks, we referred to some well-established studies on RFID authentication as well as ownership transfer (Alamr et al 2016;Kapoor and Piramuthu 2012;Lee et al 2016;Lien et al 2012;Lin et al 2015;Mujahid et al 2016). Table 4 shows a security comparison among several related schemes (Cao et al 2016;Chien 2015;Cong et al 2014;Lee et al 2016;Munilla et al 2013;Munilla et al 2016;Ray et al 2017).…”

Section: Security Analysismentioning

confidence: 99%

A Novel Group Ownership Delegate Protocol for RFID Systems

Lee

Cheng

et al. 2018

Inf Syst Front

Self Cite

View full text Add to dashboard Cite

In recent years, Radio Frequency Identification (RFID) applications of various kinds have been blooming. However, along with the stunning advancement have come all sorts of security and privacy issues, for RFID tags oftentimes store private data and so the permission to read a tag or any other kind of access needs to be carefully controlled. Therefore, of all the RFID-related researches released so far, a big portion focuses on the issue of authentication. There have been so many cases where the legal access to or control over a tag needs to be switched from one reader to another, which has encouraged the development of quite a number of different kinds of ownership transfer protocols. On the other hand, not only has the need for ownership transfer been increasing, but a part of it has also been evolving from individual ownership transfer into group ownership transfer. However, in spite of the growing need for practical group ownership transfer services, little research has been done to offer an answer to the need. In this paper, we shall present a new RFID time-bound group ownership delegate protocol based on homomorphic encryption and quadratic residues. In addition, in order to provide more comprehensive service, on top of mutual authentication and ownership delegation, we also offer options for the e-th time verification as well as the revocation of earlier delegation.

show abstract

Section: Security Analysismentioning

confidence: 99%

A Novel Group Ownership Delegate Protocol for RFID Systems

Lee

Cheng

et al. 2018

Inf Syst Front

Self Cite

View full text Add to dashboard Cite

show abstract

“…Hence, Yoon et al [13], Chen et al [14], Yang et al [15], and Dimitriou et al [16] proposed new ownership transfer methods to address the asynchronous service problem and ensure the forward secrecy of ownership transfer. However, the protocol presented by Dimitriou et al [16] is vulnerable to counterfeiting and replay attacks [17]. The methods developed by Yoon et al [13] and Chen et al [14] are also associated with security concerns such as lack of support for backward secrecy, the inability to ensure location privacy, and windowing problems [9,18].…”

Section: Introductionmentioning

confidence: 99%

A Secure Partial RFID Ownership Transfer Protocol with Multi-Owners

Luo

Yang

2019

Sensors

View full text Add to dashboard Cite

Mobile radio frequency identification (RFID) has been extensively applied in a wide range of fields. In supply chain management, RFID is used to more efficiently manage the ownership transfer of cargo. The transfer of a group of tags belonging to multiple owners is often required at the front end of a supply chain. This study, therefore, proposes a secure, high-performance threshold multi-owner partial tag ownership transfer protocol that supports a mobile RFID environment and features the capabilities and security required for supporting existing ownership transfer environments (e.g., application for different authorities, designation of the transfer target, and ownership transfer of a group of tags). Moreover, the proposed protocol can resist against most of the known attacks on RFID. some, or all tags, (3) provides two-way authentication between a tag, reader, and a back-end server, (4) ensures that tag ownership is only transferred to the designated owners, (5) is secure and immune to replay attacks, eavesdropping, message modification attacks, and tracking attacks (i.e., protects owner privacy) and provides forward and backward secrecy. Lastly, it (6) features high performance that is not related to the reader participating in the transfer or the number of tags and does not increase information and calculation load considerably when the number of owners and tags increases.This paper is organized as follows. Section 2 introduces the environmental assumptions of the proposed ownership transfer protocol and the relationships among the tag, reader, and the back-end server. Section 3 provides a detailed description of the proposed protocol. Section 4 compares and analyzes the security of the proposed method and other RFID ownership transfer methods. Section 5 presents the calculation performance of the proposed protocol for analysis and a comparison with those introduced in relevant studies, and, lastly, Section 6 concludes this study. Multi-Owner Multi-Tag Ownership Transfer MethodThis study proposes a secure multi-owner multi-tag ownership transfer method for a mobile RFID network environment. Figure 1 illustrates the architecture of the proposed system. The mobile device of a member of the old owner group sends a signal for ownership transfer, reads the partial tags in the group to be transferred, and sends the transfer message collectively generated by these tags to a back-end server. The server then notifies the group of old owners. If the partial signature of n old owners who consent to partial tag ownership transfer exceeds the threshold value, then the group of old owners and the group of new owners jointly conduct ownership transfer.

show abstract