Formal Verification of Privacy for RFID Systems

Brusò, Mayla; Chatzikokolakis, Konstantinos; Hartog, Jerry den

doi:10.1109/csf.2010.13

Cited by 49 publications

(49 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We are currently working on the formalization of the security claims in Proverif, following the direction of [BCdH10]. This task turned out to be nontrivial due to the fact that our protocol is state-full.…”

Section: Resultsmentioning

confidence: 99%

Towards a Practical Solution to the RFID Desynchronization Problem

Gans

Garcia

2010

Radio Frequency Identification: Security and Privacy Issues

View full text Add to dashboard Cite

Abstract. Even though RFID technology has expanded enormously, this expansion has been hindered by privacy concerns. In order to prevent an adversary from tracking RFID tags and thus breaking location privacy, tags have to update their internal state with every authentication attempt. Although this technique solves the privacy problem, it has the side effect that tags and back office might desynchronize. This desynchronization can be caused by physical conditions or by adversarial intervention. If we look at consumer product identification, RFID labels and barcodes are bound to coexist for quite some time. In this paper we exploit this coexistence to reduce the workload at the reader/backoffice and allow re-synchronization. Concretely, we propose an authentication protocol that achieves correctness, forward-privacy under mild additional assumptions and synchronization in the random oracle model.

show abstract

Section: Resultsmentioning

confidence: 99%

Towards a Practical Solution to the RFID Desynchronization Problem

Gans

Garcia

2010

Radio Frequency Identification: Security and Privacy Issues

View full text Add to dashboard Cite

show abstract

“…Trace equivalence can be used to formalise many interesting security properties, in particular privacy-type properties, such as those studied for instance in [1,6]. We first introduce a notion of intruder's knowledge well-suited to cryptographic primitives for which the success of decrypting or checking a signature is visible.…”

Section: Trace Equivalencementioning

confidence: 99%

“…However, privacy properties such as vote secrecy, anonymity, or untraceability cannot be expressed as such. They are instead defined as indistinguishability properties in [1,6]. For example, Alice's identity remains private if an attacker cannot distinguish a session where Alice is talking from a session where Bob is talking.…”

Section: Introductionmentioning

confidence: 99%

From Security Protocols to Pushdown Automata

Chrétien

Cortier

Delaune

2013

Automata, Languages, and Programming

View full text Add to dashboard Cite

Abstract. Formal methods have been very successful in analyzing security protocols for reachability properties such as secrecy or authentication. In contrast, there are very few results for equivalence-based properties, crucial for studying e.g. privacy-like properties such as anonymity or vote secrecy. We study the problem of checking equivalence of security protocols for an unbounded number of sessions. Since replication leads very quickly to undecidability (even in the simple case of secrecy), we focus on a limited fragment of protocols (standard primitives but pairs, one variable per protocol's rules) for which the secrecy preservation problem is known to be decidable. Surprisingly, this fragment turns out to be undecidable for equivalence. Then, restricting our attention to deterministic protocols, we propose the first decidability result for checking equivalence of protocols for an unbounded number of sessions. This result is obtained through a characterization of equivalence of protocols in terms of equality of languages of (generalized, real-time) deterministic pushdown automata.

show abstract

“…In this paper, we bring the privacy analysis of location-based services into the world of formal methods, leveraging previous work on privacy for vehicular mix-zones [10], electronic voting [11,15], and RFID tags [3,8]. In particular, we concentrate on VPriv [7], a proposed scheme for building location-based services using zero-knowledge techniques, designed to ensure that the paths of drivers are not revealed to the service providers, while nonetheless preventing drivers from reporting fake paths.…”

Section: Introductionmentioning

confidence: 99%

Formal Analysis of Privacy for Anonymous Location Based Services

Dahl

Delaune

Steel

2012

Theory of Security and Applications

View full text Add to dashboard Cite

Abstract. We propose a framework for formal analysis of privacy in location based services such as anonymous electronic toll collection. We give a formal definition of privacy, and apply it to the VPriv scheme for vehicular services. We analyse the resulting model using the ProVerif tool, concluding that our privacy property holds only if certain conditions are met by the implementation. Our analysis includes some novel features such as the formal modelling of privacy for a protocol that relies on interactive zero-knowledge proofs of knowledge and list permutations.

show abstract

Formal Verification of Privacy for RFID Systems

Cited by 49 publications

References 19 publications

Towards a Practical Solution to the RFID Desynchronization Problem

Towards a Practical Solution to the RFID Desynchronization Problem

From Security Protocols to Pushdown Automata

Formal Analysis of Privacy for Anonymous Location Based Services

Contact Info

Product

Resources

About