• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>Radio frequency identification : Security and privacy issues >Time Measurement Threatens Privacy-Friendly RFID Authentication Protocols
【24h】

Time Measurement Threatens Privacy-Friendly RFID Authentication Protocols

机译:时间测量影响隐私友好的RFID身份验证协议

获取原文
获取原文并翻译 | 示例
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Privacy is one of the most important security concerns in radio frequency identification. The publication of hundred RFID-based authentication protocols during the last decade raised the need of design-ing a dedicated privacy model. An important step has been done with the model of Vaudenay that combines early models into a unified and power-ful one. In particular, this model addresses the case where an adversary is able to know whether or not the protocol execution succeeded. This modelizes the fact that the adversary may get information from a side channel about the termination of the protocol, e.g., she notices that the access is granted to the RFID-tag holder. We go one step forward in this paper and stress that the adversary may also have access to a side chan-nel that leaks the computational time of the reader. This modelizes an adversary who measures how long it takes to grant the access. Although this channel could be seen as an implementation flaw, we consider that it is always risky to require the implementation to solve what the design should deal with. This new channel enables to demonstrate that many key-reference protocols are not as privacy-friendly as they claim to be, e.g., WSRE, OSK, C~2, O-FRAP, O-FRAKE,... We then introduce the TIMEFUL oracle in the model of Vaudenay, which allows to analyze the resistance of the protocols to time-based attacks as soon as the de-sign phase. Finally, we suggest some methods that make RFID-based authentication protocols immune to such attacks.
机译:隐私是射频识别中最重要的安全问题之一。在过去的十年中,一百种基于RFID的身份验证协议的发布提出了设计专用隐私模型的需求。 Vaudenay模型已迈出了重要的一步,该模型将早期模型组合成一个统一且功能强大的模型。特别地,该模型解决了对手能够知道协议执行是否成功的情况。这模型化了一个事实,即对手可以从边信道获得有关协议终止的信息,例如,她注意到访问已授予RFID标签持有者。我们在本文中向前走了一步,并强调对手也可能会访问侧道,这会浪费读者的计算时间。这可以模拟一个对手,该对手测量授予访问权限所需的时间。尽管此渠道可能被视为实现缺陷,但我们认为要求实现解决设计应处理的问题总是有风险的。这个新频道可以证明许多键参考协议并不像它们声称的那样对隐私友好,例如WSRE,OSK,C〜2,O-FRAP,O-FRAKE...。然后我们介绍TIMEFUL Vaudenay模型中的oracle,它允许在设计阶段尽快分析协议对基于时间的攻击的抵抗力。最后,我们提出了一些使基于RFID的身份验证协议免受此类攻击的方法。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号