2010 23rd IEEE Computer Security Foundations Symposium 2010
DOI: 10.1109/csf.2010.13
|View full text |Cite
|
Sign up to set email alerts
|

Formal Verification of Privacy for RFID Systems

Abstract: Abstract. RFID tags are being widely employed in a variety of applications, ranging from barcode replacement to electronic passports. Their extensive use, however, in combination with their wireless nature, introduces privacy concerns as a tag could leak information about the owner's behaviour. In this paper we define two privacy notions, untraceability and forward privacy, using a formal model based on the applied pi calculus, and we show the relationship between them. Then we focus on a generic class of simp… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
49
0

Year Published

2010
2010
2018
2018

Publication Types

Select...
7

Relationship

0
7

Authors

Journals

citations
Cited by 51 publications
(49 citation statements)
references
References 19 publications
0
49
0
Order By: Relevance
“…We are currently working on the formalization of the security claims in Proverif, following the direction of [BCdH10]. This task turned out to be nontrivial due to the fact that our protocol is state-full.…”
Section: Resultsmentioning
confidence: 99%
“…We are currently working on the formalization of the security claims in Proverif, following the direction of [BCdH10]. This task turned out to be nontrivial due to the fact that our protocol is state-full.…”
Section: Resultsmentioning
confidence: 99%
“…Trace equivalence can be used to formalise many interesting security properties, in particular privacy-type properties, such as those studied for instance in [1,6]. We first introduce a notion of intruder's knowledge well-suited to cryptographic primitives for which the success of decrypting or checking a signature is visible.…”
Section: Trace Equivalencementioning
confidence: 99%
“…However, privacy properties such as vote secrecy, anonymity, or untraceability cannot be expressed as such. They are instead defined as indistinguishability properties in [1,6]. For example, Alice's identity remains private if an attacker cannot distinguish a session where Alice is talking from a session where Bob is talking.…”
Section: Introductionmentioning
confidence: 99%
“…In this paper, we bring the privacy analysis of location-based services into the world of formal methods, leveraging previous work on privacy for vehicular mix-zones [10], electronic voting [11,15], and RFID tags [3,8]. In particular, we concentrate on VPriv [7], a proposed scheme for building location-based services using zero-knowledge techniques, designed to ensure that the paths of drivers are not revealed to the service providers, while nonetheless preventing drivers from reporting fake paths.…”
Section: Introductionmentioning
confidence: 99%