A Privacy-Preserving Grouping Proof Protocol Based on ECC with Untraceability for RFID

Affiliation(s)

Department of Electrical Engineering, Chang Gung University, Tao-Yuan, Chinese Taipei.

Department of Information Management, Chang Gung University, Tao-Yuan, Chinese Taipei.

Department of Electrical Engineering, Chang Gung University, Tao-Yuan, Chinese Taipei.

Department of Information Management, Chang Gung University, Tao-Yuan, Chinese Taipei.

ABSTRACT

An RFID (Radio-Frequency IDentification) system provides the mechanism to identify tags to readers and then to execute specific RFID-enabled applications. In those applications, secure protocols using lightweight cryptography need to be developed and the privacy of tags must be ensured. In 2010, Batina et al. proposed a privacy-preserving grouping proof protocol for RFID based on ECC (Elliptic Curve Cryptography) in public-key cryptosystem. In the next year, Lv et al. had shown that Batina et al.’s protocol was insecure against the tracking attack such that the privacy of tags did not be preserved properly. Then they proposed a revised protocol based on Batina et al.’s work. Their revised protocol was claimed to have all security properties and resisted tracking attack. But in this paper, we prove that Lv et al.’s protocol cannot work properly. Then we propose a new version protocol with some nonce to satisfy the functions of Batina et al.’s privacy-preserving grouping proof protocol. Further we try the tracing attack made by Lv et al. on our protocol and prove our protocol can resist this attack to recover the untraceability.

An RFID (Radio-Frequency IDentification) system provides the mechanism to identify tags to readers and then to execute specific RFID-enabled applications. In those applications, secure protocols using lightweight cryptography need to be developed and the privacy of tags must be ensured. In 2010, Batina et al. proposed a privacy-preserving grouping proof protocol for RFID based on ECC (Elliptic Curve Cryptography) in public-key cryptosystem. In the next year, Lv et al. had shown that Batina et al.’s protocol was insecure against the tracking attack such that the privacy of tags did not be preserved properly. Then they proposed a revised protocol based on Batina et al.’s work. Their revised protocol was claimed to have all security properties and resisted tracking attack. But in this paper, we prove that Lv et al.’s protocol cannot work properly. Then we propose a new version protocol with some nonce to satisfy the functions of Batina et al.’s privacy-preserving grouping proof protocol. Further we try the tracing attack made by Lv et al. on our protocol and prove our protocol can resist this attack to recover the untraceability.

Cite this paper

W. Ko, S. Chiou, E. Lu and H. Chang, "A Privacy-Preserving Grouping Proof Protocol Based on ECC with Untraceability for RFID,"*Applied Mathematics*, Vol. 3 No. 4, 2012, pp. 336-341. doi: 10.4236/am.2012.34051.

W. Ko, S. Chiou, E. Lu and H. Chang, "A Privacy-Preserving Grouping Proof Protocol Based on ECC with Untraceability for RFID,"

References

[1] A. Juels, “‘Yoking-Proofs’ for RFID Tags,” Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, Orlando, 14-17 March 2004, pp. 138-143.

[2] W. Diffe and M. E. Hellman, “New Directions in Cryptography,” IEEE Transaction on Information Theory, Vol. 22, No. 6, 1976, pp. 644-654. doi:10.1109/TIT.1976.1055638

[3] S. Vaudenay, “On Privacy Models for RFID,” In: Advances in Cryptology (ASI-ACRYPT’07), Lecture Notes in Computer Science, Vol. 4833, Springer-Verlag, Berlin, 2007, pp. 68-87.

[4] N. Koblitz, “Elliptic Curve Cryptosystems,” Mathematics of Computation, Vol. 48, 1987, pp. 203-209. doi:10.1090/S0025-5718-1987-0866109-5

[5] V. Miller, “Use of Elliptic Curves in Cryptography,” In: Advances in Cryptology CRYPTO85, Lecture Notes in Computer Science, Vol. 218, Springer-Verlag, Berlin, 1986, pp. 417-426.

[6] S. Galbraith, “Mathematics of Public Key Cryptography,” 2011. http://www.math.auckland.ac.nz/~sgal018/crypto-book/crypto-book.html

[7] J. Wolkerstorfer, “Is Elliptic Curve Cryptography Suitable to Secure RFID Tags?” Workshop on RFID and Lightweight Crypto, Graz, 13-15 July 2005.

[8] D. Hein, J. Wolkerstorfer and N. Felber, “ECC Is Ready for RFID—A Proof in Silicon,” Lecture Notes in Computer Science, Vol. 5381, 2008, pp. 401-413.

[9] L. Batina, Y. K. Lee, S. Seys, D. Singelée and I. Verbauwhede, “Short Paper: Privacy Preserving ECC-based Grouping Proofs for RFID,” Lecture Notes in Computer Science, Vol. 6531, 2010, pp. 159-165.

[10] C. Lv, H. Li, J. Ma, B. Niu and H. Jiang, “Security Analysis of a Privacy-preserving ECC-based Grouping-Proof Protocol,” Journal of Convergence Information Technology, Vol. 6 No. 3, 2011, pp. 113-119. doi:10.4156/jcit.vol6.issue3.13

[11] T. van Deursen, S. Mauw and S. Radomirovic, “Un-Traceability of RFID Protocols,” Lecture Notes in Computer Science, Vol. 5019, 2008, pp. 1-15. doi:10.1007/978-3-540-79966-5_1

[12] T. van Deursen, “50 Ways to Break RFID Privacy,” IFIP Advances in Information and Communication Technology, Vol. 352, 2011, pp. 192-205. doi:10.1007/978-3-540-79966-5_1

[13] D. Hankerson, A. Menezes and S. Vanstone, “Guide to Elliptic Curve Cryptography,” Springer-Verlag, Berlin, 2004.

[1] A. Juels, “‘Yoking-Proofs’ for RFID Tags,” Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, Orlando, 14-17 March 2004, pp. 138-143.

[2] W. Diffe and M. E. Hellman, “New Directions in Cryptography,” IEEE Transaction on Information Theory, Vol. 22, No. 6, 1976, pp. 644-654. doi:10.1109/TIT.1976.1055638

[3] S. Vaudenay, “On Privacy Models for RFID,” In: Advances in Cryptology (ASI-ACRYPT’07), Lecture Notes in Computer Science, Vol. 4833, Springer-Verlag, Berlin, 2007, pp. 68-87.

[4] N. Koblitz, “Elliptic Curve Cryptosystems,” Mathematics of Computation, Vol. 48, 1987, pp. 203-209. doi:10.1090/S0025-5718-1987-0866109-5

[5] V. Miller, “Use of Elliptic Curves in Cryptography,” In: Advances in Cryptology CRYPTO85, Lecture Notes in Computer Science, Vol. 218, Springer-Verlag, Berlin, 1986, pp. 417-426.

[6] S. Galbraith, “Mathematics of Public Key Cryptography,” 2011. http://www.math.auckland.ac.nz/~sgal018/crypto-book/crypto-book.html

[7] J. Wolkerstorfer, “Is Elliptic Curve Cryptography Suitable to Secure RFID Tags?” Workshop on RFID and Lightweight Crypto, Graz, 13-15 July 2005.

[8] D. Hein, J. Wolkerstorfer and N. Felber, “ECC Is Ready for RFID—A Proof in Silicon,” Lecture Notes in Computer Science, Vol. 5381, 2008, pp. 401-413.

[9] L. Batina, Y. K. Lee, S. Seys, D. Singelée and I. Verbauwhede, “Short Paper: Privacy Preserving ECC-based Grouping Proofs for RFID,” Lecture Notes in Computer Science, Vol. 6531, 2010, pp. 159-165.

[10] C. Lv, H. Li, J. Ma, B. Niu and H. Jiang, “Security Analysis of a Privacy-preserving ECC-based Grouping-Proof Protocol,” Journal of Convergence Information Technology, Vol. 6 No. 3, 2011, pp. 113-119. doi:10.4156/jcit.vol6.issue3.13

[11] T. van Deursen, S. Mauw and S. Radomirovic, “Un-Traceability of RFID Protocols,” Lecture Notes in Computer Science, Vol. 5019, 2008, pp. 1-15. doi:10.1007/978-3-540-79966-5_1

[12] T. van Deursen, “50 Ways to Break RFID Privacy,” IFIP Advances in Information and Communication Technology, Vol. 352, 2011, pp. 192-205. doi:10.1007/978-3-540-79966-5_1

[13] D. Hankerson, A. Menezes and S. Vanstone, “Guide to Elliptic Curve Cryptography,” Springer-Verlag, Berlin, 2004.