A Scalable RFID Authentication Protocol Supporting Ownership Transfer and Controlled Delegation

RFID systems allow fast and automatic identification of RFID tags through a wireless channel. Information on product items like name, model, purpose, expiration date, etc., can be easily stored and retrieved from RFID tags attached to items. That is why, in the near future, RFID tags can be an active part of our everyday life when interacting with items around us. Frequently, such items may change hands during their life-cycle. Therefore, beyond RFID identification protocols, there is a need for secure and private ownership transfer protocols in RFID systems. To ensure privacy to tag owners, the keys of tags are usually updated during the ownership transfer process. However, none of the previous proposals takes advantage of this property to improve the system scalability. To the best of our knowledge, we propose the first RFID identification protocol supporting ownership transfer that is secure, private and scalable. Furthermore, our proposal achieves other valuable properties related to ownership transfer, such as controlled delegation and decentralization.

[1]  Joaquin Garcia-Alfaro,et al.  Data Privacy Management and Autonomous Spontaneous Security, 4th International Workshop, DPM 2009 and Second International Workshop, SETOP 2009, St. Malo, France, September 24-25, 2009, Revised Selected Papers , 2010, DPM/SETOP.

[2]  Basel Alomair,et al.  Privacy versus scalability in radio frequency identification systems , 2010, Comput. Commun..

[3]  Kouichi Sakurai,et al.  Reassignment Scheme of an RFID Tag's Key for Owner Transfer , 2005, EUC Workshops.

[4]  Reihaneh Safavi-Naini,et al.  Practical RFID ownership transfer scheme , 2011, J. Comput. Secur..

[5]  Oliver Günther,et al.  RFID in the Supply Chain: How to Obtain a Positive ROI - The Case of Gerry Weber , 2009, ICEIS.

[6]  Wei-Bin Lee,et al.  Enhancement of the RFID security method with ownership transfer , 2009, ICUIMC '09.

[7]  David A. Wagner,et al.  A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags , 2005, IACR Cryptol. ePrint Arch..

[8]  Philippe Oechslin,et al.  Reducing Time Complexity in RFID Systems , 2005, Selected Areas in Cryptography.

[9]  Selwyn Piramuthu,et al.  Vulnerabilities in Some Recently Proposed RFID Ownership Transfer Protocols , 2009, 2009 First International Conference on Networks & Communications.

[10]  Alexandre Viejo,et al.  Secure and Scalable RFID Authentication Protocol , 2010, DPM/SETOP.

[11]  Aggelos Kiayias,et al.  Polynomial Reconstruction Based Cryptography , 2001, Selected Areas in Cryptography.

[12]  Tsuyoshi Takagi,et al.  An Efficient and Secure RFID Security Method with Ownership Transfer , 2006, 2006 International Conference on Computational Intelligence and Security.

[13]  Eun-Jun Yoon,et al.  Two Security Problems of RFID Security Method with Ownership Transfer , 2008, 2008 IFIP International Conference on Network and Parallel Computing.

[14]  Sepideh Fouladgar An Efficient Delegation and Transfer of Ownership Protocol for RFID tags , 2007 .

[15]  Tassos Dimitriou rfidDOT: RFID delegation and ownership transfer made simple , 2008, SecureComm.

[16]  Marc Langheinrich,et al.  A survey of RFID privacy approaches , 2009, Personal and Ubiquitous Computing.

[17]  Laurence T. Yang,et al.  Embedded and Ubiquitous Computing - EUC 2005 Workshops, EUC 2005 Workshops: UISW, NCUS, SecUbiq, USN, and TAUES, Nagasaki, Japan, December 6-9, 2005, Proceedings , 2005, EUC Workshops.

[18]  Chris J. Mitchell,et al.  Scalable RFID security protocols supporting tag ownership transfer , 2011, Comput. Commun..