Abstract : We present a taxonomy of attacks on user untraceability in RFID systems. In particular, we consider RFID systems in terms of a layered model comprising a physical layer, a communication layer, and an application layer. We classify the attacks on untraceability according to their layer and discuss their applicability.Our classification includes two new attacks. We first present an attack on the RFID protocol by Kim et al. targeting the communication-layer. We then show how an attacker could perform an application-layer attack on the public transportation system in Luxembourg.Finally, we show that even if all of his tags are untraceable a person may not be untraceable. We do this by exhibiting a realistic scenario in which the attacker uses the RFID profile of a person to trace him.
Simone Fischer-Hübner; Penny Duquenoy; Marit Hansen; Ronald Leenes; Ge Zhang. 6th International Summer School (ISS), Aug 2010, Helsingborg, Sweden. Springer, IFIP Advances in Information and Communication Technology, AICT-352, pp.192-205, 2011, Privacy and Identity Management for Life. 〈10.1007/978-3-642-20769-3_16〉
https://hal.inria.fr/hal-01559457
Contributeur : Hal Ifip
<>
Soumis le : lundi 10 juillet 2017 - 16:49:26
Dernière modification le : mardi 11 juillet 2017 - 08:41:04
Document(s) archivé(s) le : mercredi 24 janvier 2018 - 16:25:14
Ton Deursen. 50 Ways to Break RFID Privacy. Simone Fischer-Hübner; Penny Duquenoy; Marit Hansen; Ronald Leenes; Ge Zhang. 6th International Summer School (ISS), Aug 2010, Helsingborg, Sweden. Springer, IFIP Advances in Information and Communication Technology, AICT-352, pp.192-205, 2011, Privacy and Identity Management for Life. 〈10.1007/978-3-642-20769-3_16〉. 〈hal-01559457〉
