
ciency and security of their products. Thus, they often implement proprietary lightweight cryptographic algorithms whose specifications are not public and which are therefore typically not sufficiently evaluated. As with MiFare Classic, these algorithms can often be reverse-engineered, which allows cryptanalysis or efficient key search by running the algorithms on more powerful hardware. In the case of MiFare Classic, both approaches made it possible to break the security goals of these tags at a point in time when they were already widely used in practice.

10.4 Secure and Privacy-preserving Protocols for E-Tickets

10.4.1 Existing Solutions

Privacy-preserving e-tickets are discussed in a few papers. In [86], the authors sketch an anonymous payment system for public transit based on anonymous credentials [39] and e-cash [37]. They propose tickets to be managed either by RFID tags or mobile computing devices like mobile phones or PDAs. As pointed out in Section 3.3.2, anonymous credentials and e-cash are not applicable to currently available RFID devices whereas the use of mobile phones or PDAs for managing e-tickets introduces several other drawbacks.

10.4.2 Anonymizer-based Solutions

Anonymizer-enabled protocols provide an easy and cost-efficient way for operators of RFID systems to offer privacy to concerned users of ticket systems (who may buy their own personal anonymizers) with only minor extra costs. The main advantage of this approach is that existing RFID technology can be used without requiring additional hardware on the ticket. Anonymizers can be realized as software on the users' NFC-enabled smartphones or integrated into the RFID readers used to verify the tickets. Depending on the concrete requirements of the ticket system, either of the two schemes described in Chapter 5 can be used to perform privacy-preserving authentication of tickets. While the protocols described in Section 5.3.2 are highly efficient in the sense that they require the tags to perform only a lightweight cryptographic hash function and some basic arithmetic operations (such as addition or multiplication), the scheme in Section 5.4.2 achieves full anonymity even against a collusion of malicious verifiers and anonymizers at the cost of higher computational and storage requirements on the tag.

10.4.3 PUF-based Solutions

Physically Unclonable Functions (PUFs) are a very promising approach to enhance the cloning-resistance of cost-efficient RFID-based electronic tickets. As discussed in Chapter 9, PUFs and the required post-processing algorithms (error correction and privacy-amplification) can be implemented with minimal costs. The PUF-based authentication scheme presented in Section 9.2.2 can be combined with different PUF types and lightweight hash algorithms that allow for highly area and power optimized implementations that are perfectly suited for the authentication of RFID-based electronic tickets. However, the helper data transferred from the tag to the reader typically leaks some information on the underlying PUF response that may be sufficient to identify and trace the ticket.

One approach that benefits from the cloning-resistance of PUFs and at the same time uses the PUF to enhance user privacy is described in Section 9.3.1. This protocol achieves secure tag authentication and one of the strongest privacy notions, destructive privacy, in a variant of the V-Model. This means that the protocol provides untraceability of tickets against adversaries that permanently destroy the ticket by physically attacking it, e.g., in an attempt to reverse-engineer the ticket hardware.

11 Conclusion

11.1 Summary

In this work, we addressed the problem of designing efficient, secure and privacy-preserving authentication protocols that are applicable to real-world RFID systems. Specifically, we pointed out subtle issues in state-of-the-art RFID security and privacy models, proposed the first security framework for anonymizer-enabled RFID systems and designed novel anonymizer-based privacy-preserving authentication schemes. We advanced the existing work on PUFs and PUF-based authentication by analyzing the most common electronic PUF types implemented in ASIC, introducing a formal security framework for PUFs and presenting practical lightweight and privacy-preserving PUF-based authentication protocols.

Analysis of the state-of-the-art in RFID security and privacy. We analyzed one of the most comprehensive RFID security and privacy models [190, 150], which generalizes and improves many previous works. We pointed out weaknesses and deficiencies in this model and investigated some subtle issues such as tag corruption aspects. In more detail, we showed that the formal definition of tag corruption discloses the temporary memory content of tags and leads to the impossibility of achieving both mutual authentication and any reasonable notion of privacy in their model. Moreover, we showed that the strongest privacy notion (narrow-strong privacy) cannot be achieved simultaneously with reader authentication even under the strong assumption that tag corruption does not disclose the temporary memory content of tags. These results led to the refinement of the Paise and Vaudenay RFID security and privacy model [191] and they were considered in several subsequent works on RFID systems [84, 53].

Security & privacy framework for anonymizer-enabled RFID systems. We presented the first security and privacy framework for anonymizer-enabled RFID systems and two privacy-preserving RFID authentication schemes using anonymizers. Both schemes achieve several appealing features that were not simultaneously achieved by any previous proposal. The first scheme is very efficient for all involved entities, in particular for the tags that only have to perform minimal computations. The protocol achieves privacy under tag corruption and is secure against impersonation attacks and forgeries even if the adversary can corrupt the anonymizers. The second scheme provides anonymity and untraceability of tags against readers as well as secure tag authentication against collusions of malicious readers and anonymizers using cost-efficient tags that cannot perform public-key cryptography (i.e., modular exponentiations).

First large-scale analysis of PUF implementations in ASIC. A promising approach to enhance the cloning-resistance of RFID tags with minimal overhead on the tag side is the use of Physically Unclonable Functions (PUFs). We presented the first large-scale security analysis of ASIC implementations of the five most popular electronic PUF types, including Arbiter, Ring Oscillator, SRAM, Flip-flop and Latch PUFs that are suitable for the integration into RFID tags. Our analysis is based on PUF data obtained at different operating conditions from 96 ASICs containing multiple PUF instances, which have been manufactured in TSMC 65 nm CMOS technology. We presented an evaluation methodology and quantified the robustness and unpredictability properties of PUF responses, which are fundamental for the integration of PUFs into cryptographic primitives and protocols, such as authentication schemes. Since all PUFs have been implemented in the same ASIC and analyzed with the same evaluation methodology, our results allow for the first time a fair comparison of their properties.

Our evaluation results show that all PUFs in the ASIC are sufficiently robust for practical applications. However, not all of them achieve the unpredictability property. In particular, the responses of Arbiter PUFs have very low entropy, while the entropy of Flip-flop and Latch PUF responses is affected by temperature variations. In contrast, the Ring Oscillator and SRAM PUFs seem to achieve all desired properties of a PUF: Their challenge/response behavior hardly changes under different operating conditions and the entropy of their responses is quite high. Furthermore, the responses generated by different Ring Oscillator and SRAM PUF instances seem to be independent, which means that the adversary cannot predict the response of a PUF based on the challenge/response pairs of another PUF. However, the min-entropy, i.e., the minimum number of random bits observed in a response of the Ring Oscillator PUF, is low, which means that some responses can be guessed with high probability.
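The robustness and unpredictability properties discussed above can be illustrated with commonly used PUF metrics. The following is an added example, not the thesis's evaluation methodology or data: it runs on constructed (simulated) responses, the function names, the 0.8 bias and the 5% flip rate are assumptions, and the per-bit min-entropy estimate assumes independent bits. It shows that a biased PUF can be robust and still have low min-entropy.

```python
import math
import random

def hamming_fraction(a, b):
    """Fraction of bit positions in which two equal-length responses differ."""
    return sum(x != y for x, y in zip(a, b)) / len(a)

def robustness_error(reference, rereads):
    """Mean intra-device distance between a reference and noisy re-reads (ideal: 0)."""
    return sum(hamming_fraction(reference, r) for r in rereads) / len(rereads)

def uniqueness(responses):
    """Mean inter-device distance over all device pairs (ideal: 0.5)."""
    pairs = [(a, b) for i, a in enumerate(responses) for b in responses[i + 1:]]
    return sum(hamming_fraction(a, b) for a, b in pairs) / len(pairs)

def min_entropy_per_bit(responses):
    """Empirical min-entropy per response bit, estimated across devices.

    For each bit position, p is the fraction of devices that output 1; the
    position contributes -log2(max(p, 1 - p)) bits. Assumes independent bits.
    """
    n = len(responses)
    total = 0.0
    for column in zip(*responses):
        p = sum(column) / n
        total += -math.log2(max(p, 1 - p))
    return total / len(responses[0])

def simulate_devices(p_one, n_devices=96, n_bits=128, seed=1):
    """Constructed data: each bit is 1 with probability p_one (not measured PUF data)."""
    rng = random.Random(seed)
    return [[int(rng.random() < p_one) for _ in range(n_bits)] for _ in range(n_devices)]

def noisy_reread(response, flip_prob, rng):
    """Model a re-measurement under changed operating conditions as random bit flips."""
    return [bit ^ int(rng.random() < flip_prob) for bit in response]

if __name__ == "__main__":
    rng = random.Random(2)
    for label, p_one in (("unbiased", 0.5), ("biased", 0.8)):
        devices = simulate_devices(p_one)
        rereads = [noisy_reread(devices[0], 0.05, rng) for _ in range(10)]
        print(label,
              "intra=%.3f" % robustness_error(devices[0], rereads),
              "inter=%.3f" % uniqueness(devices),
              "Hmin/bit=%.3f" % min_entropy_per_bit(devices))
```

In the biased case the intra-device error stays near the simulated flip rate, while the min-entropy per bit drops to roughly a third of a bit, so individual responses become much easier to guess.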
