Abstract
We present a formal model for stateful security protocols. This model is used to define ownership and ownership transfer as concepts as well as security properties. These definitions are based on an intuitive notion of ownership related to physical ownership. They are aimed at RFID systems, but should be applicable to any scenario sharing the same intuition of ownership. We discuss the connection between ownership and the notion of desynchronization resistance and give the first formal definition of the latter. We apply our definitions to existing RFID protocols, exhibiting attacks on desynchronization resistance, secure ownership, and secure ownership transfer.
Original language | English |
---|---|
Title of host publication | Computer Security - ESORICS 2009 |
Subtitle of host publication | 14th European Symposium on Research in Computer Security Saint-Malo, France, September 21-23, 2009. Proceedings |
Editors | Michael Backes, Peng Ning |
Place of Publication | Berlin |
Publisher | Springer Verlag |
Pages | 637-654 |
Number of pages | 18 |
ISBN (Print) | 9783642044434 |
DOIs | |
Publication status | Published - 2009 |
Event | 14th European Symposium on Research in Computer Security - Palais du Grand Large, Congress center of Saint Malo, Saint-Malo, France Duration: 21 Sept 2009 → 23 Sept 2009 http://conferences.telecom-bretagne.eu/esorics2009/EN/home.php (Link to Conference website) |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Volume | 5789 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | 14th European Symposium on Research in Computer Security |
---|---|
Abbreviated title | ESORICS 2009 |
Country/Territory | France |
City | Saint-Malo |
Period | 21/09/09 → 23/09/09 |
Internet address |
|
Keywords
- Desynchronization resistance
- Formal verification
- Ownership
- Ownership transfer
- RFID protocols
ASJC Scopus subject areas
- General Computer Science
- Theoretical Computer Science