A new unpredictability‐based radio frequency identification forward privacy model and a provably secure construction

Abstract

AbstractThe privacy model of radio frequency identification (RFID) systems is for formalizing the adversarial capabilities and the security requirements of RFID anonymity and untraceability. Existing unpredictability‐based privacy models such as unp‐privacy, eunp‐privacy, unp*‐privacy, and unpτ‐privacy have captured different kinds of practical attacks, and some of them also have mutual authentication included. However, forward privacy, which allows a tag to remain untraceable even after its corruption, is yet to be well captured in any unpredictability‐based privacy models. In this paper, we describe some forward privacy‐related attacks that can be launched against RFID tags in practice. We then propose a new unpredictability‐based forward privacy model called unpfτ‐privacy. It extends an existing one called unpτ‐privacy, which has been shown to be stronger than ind‐privacy, unp‐privacy, and unp*‐privacy. We also propose an RFID protocol that supports forward privacy and mutual authentication. We show that it can be proven secure in the unpfτ‐privacy model. Copyright © 2015 John Wiley & Sons, Ltd.