Revisiting DoS Attacks and Privacy in RFID-Enabled Networks Algorithmic Aspects of Wireless Sensor Networks

Vaudenay presented in [ASIACRYPT 2007] a general RFID security and privacy model that abstracts some previous works in a single, concise, and much more understandable framework. He introduced eight distinct notions of privacy, corresponding to adversaries of different strength, and proved some possibility and impossibility results for such privacy notions. However, some interesting problems as: 1) achieving stronger privacy using low-cost tags (i.e., tags that usually can not perform public-key cryptography), 2) achieving stronger privacy in presence of side-channel attacks (e.g., DoS attacks, detection of the outputs of identification protocols), and 3) achieving stronger privacy under standard complexity-theoretic assumptions , are still left open. In this paper, we address the above problems and give two contributions. First of all we show that Vaudenay’s privacy notions are impossible to achieve in presence of DoS attacks. Therefore, we extend the model to better reflect the real-world scenario, where these attacks are easy to mount (e.g., by physically destroying/making inactive tags). More precisely, we refine Vaudenay’s privacy model to deal with DoS and DoS-like attacks, and introduce an additional privacy notion, referred to as semi-destructive privacy, which takes into account hardware features of some real-world tags. Then, we show an efficient RFID protocol that, by only using symmetric-key cryptography, satisfies the notion of semi-destructive privacy, under standard complexity-theoretic assumptions .