Radio Frequency Identification (RFID) is a key technology used in many applications. In the past decades, plenty of secure and privacy-preserving RFID tag/mutual authentication protocols as well as formal frameworks for evaluating them have been proposed. However, we notice that a property, namely proof of possession (PoP), has not been rigorously studied till now, despite it has significant value in many RFID applications. For example, in RFID-enabled supply chains, PoP helps prevent dis-honest parties from publishing information about products/tags that they actually have never processed. We propose the first formal framework for RFID tag/mutual authentication with PoP after correcting deficiencies of some existing RFID formal frameworks. We provide a generic construction to transform an RFID tag/mutual authentication protocol to one that supports PoP using a cryptographic hash function, a pseudorandom function (PRF) and a signature scheme. We prove that the constructed protocol is secure and privacy-preserving under our framework if all the building blocks possess desired security properties. Finally, we show an RFID mutual authentication protocol with PoP. Arming tag/mutual authentication protocols with PoP is an important step to strengthen RFID-enabled systems as it bridges the security gap between physical layer and data layer, and reduces the misuses of RFID-related data.
翻译:无线电频率识别(RFID)是许多应用中使用的一项关键技术。在过去几十年中,已经提出了大量安全和隐私保存RFID标签/相互认证协议以及评估这些协议的正式框架。然而,我们注意到,迄今为止尚未对财产,即占有证明(POP)进行严格研究,尽管它在许多RFID应用中具有重大价值。例如,在RFID驱动的供应链中,POP帮助防止不诚实的当事方公布关于它们实际上从未处理过的产品/标签的信息。我们提出了第一个正式框架,在纠正了现有RFID正式框架的缺陷之后,与POP进行RFID标记/相互认证。我们提供了一种通用结构,将RFID标签/相互认证协议转换为一种支持POP的加密功能、假冒功能(PRFS)和签字计划。我们证明,如果所有建筑区块都拥有它们想要的安全特性,那么所构建的议定书是安全的和隐私保护的。最后,我们展示了RFID与P的相互认证协议。与PFID标记/相互认证协议安装标记/相互认证协议,与PPPPIFID与PAFID安全级数据库的升级数据库是一个重要步骤,加强与RFID数据库。