
Untangling RFID Privacy Models

DOI: 10.1155/2013/710275

Abstract:

The rise of wireless applications based on RFID has raised major privacy concerns. Nowadays, when such an application is deployed, informed customers want guarantees that their privacy will not be threatened. One formal way to provide them is to assess the privacy level of the RFID application with a model. However, if the chosen model does not reflect the assumptions and requirements of the analyzed application, it may misevaluate its privacy level. Selecting the most appropriate model among all the existing ones is therefore not an easy task. This paper investigates the eight most well-known RFID privacy models and thoroughly examines their advantages and drawbacks in three steps. Firstly, five RFID authentication protocols are analyzed with these models. This reveals a major concern: although these protocols intuitively ensure different privacy levels, no model is able to accurately distinguish them. Secondly, these models are grouped according to their features (e.g., tag corruption ability). This classification reveals the most appropriate candidate model(s) to be used for a privacy analysis when one of these features is especially required. Furthermore, it points out that none of the models is comprehensive; hence, some combinations of features may not match any model. Finally, the privacy properties of the eight models are compared in order to provide an overall view of their relations. This part highlights that no model globally outclasses the others. Considering the required properties of an application, the thorough study provided in this paper aims to assist system designers in choosing the best-suited model.

1. Introduction

Radio Frequency IDentification (RFID) is a technology that permits identifying and authenticating remote objects or persons without line of sight. Put simply, a tag (i.e., a transponder composed of a microcircuit and an antenna) is embedded into an object and interacts with a reader when it enters the reader's electromagnetic field. The first use of RFID goes back to the early 1940s, during World War II, when the Royal Air Force deployed the IFF (Identify Friend or Foe) system to identify Allied airplanes. Today, RFID is increasingly exploited in many domains such as library management, pet identification, car antitheft systems, anticounterfeiting, ticketing in public transportation, access control, and even biometric passports. It thus covers a wide range of wireless technologies, from systems based on low-cost tags (such as EPCs [1]) to more evolved ones operating with contactless

References

[1]  EPCglobal, Class-1 Generation 2 UHF Air Interface Protocol Standard Version 1.2.0: Gen 2, 2008, http://www.epcglobalinc.org/standards/.
[2]  Infineon, Contactless SLE 66 Family, http://www.infineon.com/.
[3]  NXP Semiconductors, DESFire Tags, http://www.nxp.com/.
[4]  A. Cavoukian, Privacy-by-Design, http://privacybydesign.ca/.
[5]  V. Reding, Commission recommendation of 12.05.2009—SEC(2009) 585/586, on the implementation of privacy and data protection principles in applications supported by radio-frequency identification, 2009.
[6]  G. Avoine, E. Dysli, and P. Oechslin, “Reducing time complexity in RFID systems,” in Proceedings of the 12th International Conference on Selected Areas in Cryptography (SAC '05), vol. 3897 of Lecture Notes in Computer Science, pp. 291–306, Springer, Kingston, Canada, 2005.
[7]  G. Avoine and P. Oechslin, “A scalable and provably secure hash-based RFID protocol,” in Proceedings of the 3rd IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW '05) Workshops, pp. 110–114, IEEE, Kauai Island, Hawaii, USA, March 2005.
[8]  D. Molnar and D. Wagner, “Privacy and security in library RFID issues, practices, and architectures,” in Proceedings of the 11th ACM Conference on Computer and Communications Security (CCS '04), pp. 210–219, ACM, Washington, DC, USA, October 2004.
[9]  G. Avoine, “Adversary model for radio frequency identification,” LASEC-REPORT 2005-001, Swiss Federal Institute of Technology (EPFL), Security and Cryptography Laboratory (LASEC), Lausanne, Switzerland, 2005.
[10]  M. Burmester, T. van Le, B. de Medeiros, and G. Tsudik, “Universally composable RFID identification and authentication protocols,” ACM Transactions on Information and System Security, vol. 12, no. 4, article 21, 2009.
[11]  S. Canard, I. Coisel, J. Etrog, and M. Girault, “Privacy-preserving RFID systems: model and constructions,” Cryptology ePrint Archive, Report 2010/405, 2010.
[12]  R. H. Deng, Y. Li, M. Yung, and Y. Zhao, “A new framework for RFID Privacy,” in Proceedings of the 15th European Symposium on Research in Computer Security (ESORICS '10), vol. 6345 of Lecture Notes in Computer Science, pp. 1–18, Springer, Athens, Greece, 2010.
[13]  T. van Deursen, S. Mauw, and S. Radomirović, “Untraceability of RFID protocols,” in Proceedings of the 2nd IFIP WG 11.2 International Conference on Information Security Theory and Practices: Smart Devices, Convergence and Next Generation Networks (WISTP '08), vol. 5019 of Lecture Notes in Computer Science, pp. 1–15, Springer, Sevilla, Spain, May 2008.
[14]  J.-H. Ha, S.-J. Moon, J. Zhou, and J.-C. Ha, “A new formal proof model for RFID location privacy,” in Proceedings of the 13th European Symposium on Research in Computer Security (ESORICS '08), vol. 5283 of Lecture Notes in Computer Science, pp. 267–281, Springer, Malaga, Spain, 2008.
[15]  J. Hermans, A. Pashalidis, F. Vercauteren, and B. Preneel, “A new RFID privacy model,” in Proceedings of the 16th European Symposium on Research in Computer Security (ESORICS '11), vol. 6879 of Lecture Notes in Computer Science, pp. 568–587, Springer, Leuven, Belgium, 2011.
[16]  A. Juels and S. A. Weis, “Defining strong privacy for RFID,” in Proceedings of the 5th Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerCom '07), pp. 342–347, IEEE, New York, NY, USA, March 2007.
[17]  J. Lai, R. H. Deng, and Y. Li, “Revisiting unpredictability-based RFID privacy models,” in Proceedings of the 8th International Conference on Applied Cryptography and Network Security (ACNS '10), vol. 6123 of Lecture Notes in Computer Science, pp. 475–492, Springer, Beijing, China, 2010.
[18]  T. van Le, M. Burmester, and B. de Medeiros, “Universally composable and forward-secure RFID authentication and authenticated key exchange,” in Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security (ASIACCS '07), pp. 242–252, ACM, Singapore, March 2007.
[19]  C. Ma, Y. Li, R. H. Deng, and T. Li, “RFID privacy: relation between two notions, minimal condition, and efficient construction,” in Proceedings of the 16th ACM Conference on Computer and Communications Security (CCS '09), pp. 54–65, ACM, Chicago, Ill, USA, November 2009.
[20]  K. Ouafi, Security and privacy in RFID systems [Ph.D. thesis], EPFL, Lausanne, Switzerland, 2011.
[21]  R.-I. Paise and S. Vaudenay, “Mutual authentication in RFID: security and privacy,” in Proceedings of the 3rd ACM Symposium on Information, Computer and Communications Security (ASIACCS '08), pp. 292–299, ACM, Tokyo, Japan, March 2008.
[22]  S. Vaudenay, “On privacy models for RFID,” in Proceedings of 13th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT '07), vol. 4833 of Lecture Notes in Computer Science, pp. 68–87, Springer, Kuching, Malaysia, December 2007.
[23]  C. Su, Y. Li, Y. Zhao, R. H. Deng, Y. Zhao, and J. Zhou, “A survey on privacy frameworks for RFID authentication,” IEICE Transactions on Information and Systems, vol. 95, no. 1, pp. 2–11, 2012.
[24]  S. Canard and I. Coisel, “Data synchronization in privacy-preserving RFID authentication schemes,” in Proceedings of the 4th Workshop on RFID Security (RFIDSec '08), Budapest, Hungary, July 2008.
[25]  S. Bocchetti, Security and privacy in RFID protocols [M.S. thesis], Università degli Studi di Napoli Federico II, Naples, Italy, 2006.
[26]  F. Armknecht, A. R. Sadeghi, A. Scafuro, I. Visconti, and C. Wachsmann, “Impossibility results for RFID privacy notions,” Transaction on Computational Science XI, vol. 6480, pp. 39–63, 2010.
[27]  M. Bellare, A. Desai, D. Pointcheval, and P. Rogaway, “Relations among notions of security for public-key encryption schemes,” in Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology (CRYPTO '98), vol. 1462 of Lecture Notes in Computer Science, pp. 26–45, Springer, Santa Barbara, Calif, USA, 1998.
[28]  G. Avoine, I. Coisel, and T. Martin, “Time measurement threatens privacy-friendly RFID authentication protocols,” in Proceedings of the 6th International Conference on Radio Frequency Identification: Security and Privacy Issues (RFIDSec '10), vol. 6370 of Lecture Notes in Computer Science, pp. 138–157, Springer, Istanbul, Turkey, 2010.
[29]  P. D'Arco, A. Scafuro, and I. Visconti, “Revisiting DoS attacks and privacy in RFID-enabled networks,” in Proceedings of the 5th International Workshop on Algorithmic Aspects of Wireless Sensor Networks (ALGOSENSORS '09), vol. 5804 of Lecture Notes in Computer Science, pp. 76–87, Springer, Rhodes, Greece, 2009.
[30]  F. D. Garcia and P. van Rossum, “Modeling privacy for off-line RFID systems,” in Proceedings of the 9th Smart Card Research and Advanced Applications (CARDIS '10), vol. 6035 of Lecture Notes in Computer Science, pp. 194–208, Springer, Passau, Germany, 2010.
[31]  R. Canetti, “Universally Composable Security: A New Paradigm for Cryptographic Protocols,” Cryptology ePrint Archive, Report 2000/067, 2000.
[32]  R. Canetti, “Security and Composition of Cryptographic Protocols: A Tutorial,” Cryptology ePrint Archive, Report 2006/465, 2006.
[33]  D. Dolev and A. C. Yao, “On the security of public key protocols,” IEEE Transactions on Information Theory, vol. 29, no. 2, pp. 198–208, 1983.
[34]  F. D. Garcia, I. Hasuo, W. Pieters, and P. van Rossum, “Provable anonymity,” in ACM Workshop on Formal Methods in Security Engineering (FMSE '05), pp. 63–72, ACM, Alexandria, VA, USA, November 2005.
[35]  S. Mauw, J. H. S. Verschuren, and E. P. de Vink, “A formalization of anonymity and onion routing,” in Proceedings of the 9th European Symposium on Research in Computer Security (ESORICS '04), vol. 3193 of Lecture Notes in Computer Science, pp. 109–124, Springer, Sophia Antipolis, France, 2004.
[36]  S. Canard, I. Coisel, and M. Girault, “Security of privacy-preserving RFID systems,” in Proceedings of IEEE International Conference on RFID-Technology and Applications (RFID-TA '10), pp. 269–274, IEEE, Guangzhou, China, June 2010.
[37]  International Organization for Standardization, ISO/IEC, 9798: Information technology—Security techniques—Entity authentication, 1991–2010.
[38]  M. Ohkubo, K. Suzuki, and S. Kinoshita, “Cryptographic approach to “privacy-friendly” tags,” in RFID Privacy Workshop, MIT, Cambridge, Mass, USA, November 2003.
[39]  T. Dimitriou, “A lightweight RFID protocol to protect against traceability and cloning attacks,” in Proceedings of the 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks (SecureComm '05), pp. 59–66, IEEE, Athens, Greece, September 2005.
[40]  T. van Deursen, Security of RFID protocols [Ph.D. thesis], University of Luxembourg, Walferdange, Luxembourg, 2011.
[41]  G. P. Hancke, “Practical eavesdropping and skimming attacks on high-frequency RFID tokens,” Journal of Computer Security, vol. 19, no. 2, pp. 259–288, 2011.
[42]  D. Moriyama, S. Matsuo, and M. Ohkubo, “Relation among the security models for RFID authentication protocol,” in ECRYPT Workshop on Lightweight Cryptography, Louvain-la-Neuve, Belgium, 2011.
[43]  G. Avoine, B. Martin, and T. Martin, “Tree-based RFID authentication protocols are definitively not privacy-friendly,” in Proceedings of the 6th International Conference on Radio Frequency Identification: Security and Privacy Issues (RFIDSec '10), vol. 6370 of Lecture Notes in Computer Science, pp. 103–122, Springer, Istanbul, Turkey, 2010.
[44]  K. Ouafi and R. C. W. Phan, “Traceable privacy of recent provably-secure RFID protocols,” in Proceedings of the 6th International Conference on Applied Cryptography and Network Security (ACNS '08), vol. 5037 of Lecture Notes in Computer Science, pp. 479–489, Springer, New York City, NY, USA, June 2008.
