EC-RAC (ECDLP Based Randomized Access Control): Provably Secure RFID authentication protocol
read more
Citations
Security, privacy and trust of different layers in Internet-of-Things (IoTs) framework
An Analysis of RFID Authentication Schemes for Internet of Things in Healthcare Environment Using Elliptic Curve Cryptography
Attacks on RFID Protocols
Lightweight Mutual Authentication for IoT and Its Applications
Low-cost untraceable authentication protocols for RFID
References
Efficient Identification and Signatures for Smart Cards
Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems
Lower bounds for discrete logarithms and related problems
Efficient identification and signatures for smart cards
Authenticating pervasive devices with human protocols
Related Papers (5)
Frequently Asked Questions (16)
Q2. What have the authors contributed in "Ec-rac (ecdlp based randomized access control): provably secure rfid authentication protocol" ?
Moreover, general public-key cryptography based authentication protocols are vulnerable in terms of anonymity, which is shown in this paper. Moreover, the authors present the implementation results of EC-RAC to show its feasibility for RFID systems.
Q3. What can an attacker perform for the group operations as follows?
An attacker can perform an addition oracle Add, an inverse oracle Inv and a scalar multiplication oracle for Mul for the group operations as follows.
Q4. Why have many protocols been proposed for RFID systems?
Many protocols have been proposed for RFID systems using a hash algorithm due to their cheap implementations [6], [7], [8], [9], [10], [13], [14], [15].
Q5. What is the choice for a public-key cryptographic algorithm?
Among public-key cryptographic algorithms, a ECC based algorithm would be the best choice due to its small key size and computational efficiency.
Q6. Why are well-known ECDLP based authentication protocols not suitable for RFID systems?
In addition, well-known ECDLP based authentication protocols are not suitable for RFID systems not only because of the un-solved problem about the secure transmission of a tag’s ID but also because of vulnerability against the tracking attack.
Q7. What is the way to derive r1yP?
Since the number of the parameters are 4 and there are 5 terms (i.e. r1P , r1yP , x1yP , yP and P ), it is infeasible to derive r1yP .
Q8. What is the purpose of a randomized access control?
In order to randomize messages, a reader and a tag need to share some secret information which is unknown to attackers so that only the entities which have the secret information can interpret the randomized messages.
Q9. What is the main purpose of the RFID authentication protocol?
In [13], the keys of tags are updated only when the authentication protocols are successful, and hence all the response from malicious queries, which lead unsuccessful authentications, will be fixed until the next successful authentication.
Q10. What is the secret key of the oracle?
The output of the oracle (−x1P1 − x2P2) is the public key of a tag and it satisfies the conditions of Definition 1 since it has some variables indicating a specific tag, i.e. x1 and x2, and does not hvae any random variable.
Q11. What is the simplest way to solve the Diffie-Hellman problem?
If the oracle Q is reduced to the Diffie-Hellman problem, the existence of such Q implies that Diffie-Hellman problem is solvable in polynomial time.
Q12. What is the value of the random mapping of the group elements to the images?
For a given group G, the random mapping of the group elements to the images can be described as σ : G → {0, 1}l where l is the length of the random strings.
Q13. What is the main goal of the RFID authentication protocol?
In [16], [17], [18] they proposed to use ECDLP (Elliptic Curve Discrete Logarithm Problem) based authentication protocols for RFID systems, which will be analyzed in the following section.
Q14. What are the two popular authentication protocols for RFID systems?
In [16] no specific authentication protocol is mentioned, and the Schnorr protocol [19] and the Okamoto protocol [20] are adopted in [17] and [18] respectively.
Q15. What is the definition of the tracking attack?
In order to discuss the issue of the tracking attack, the authors put forward a formal definition for the security against thetracking attack which is very strong since it can be applied to not only passive attacks but also active attacks.
Q16. What is the simplest way to derive x2P?
Q (r1P, (r1 + x1)yP, yP, P ) = x2PSince there is no parameter having x2, it is impossible to derive x2P with the given parameters.•