Provably Secure Ubiquitous Systems: Universally Composable RFID Authentication Protocols

Abstract

This paper examines two unlinkably anonymous, simple RFID identification protocols that require only the ability to evaluate hash functions and generate random values, and that are provably secure against Byzantine adversaries. The main contribution is a universally composable security model tuned for RFlD applications. By making specific setup, communication, and concurrency assumptions that are realistic in the RFID application setting, we arrive at a model that guarantees strong security and availability properties, while still permitting the design of practical RFID protocols. We show that two protocols are provably secure within the new security model. Our proofs do not employ random oracles - the protocols are shown to be secure in the standard model under the assumption of existence of pseudo-random function families