Quantifying Information Leakage in RFID Systems

Radio frequency identification (RFID) systems provide large scale, automated tracking solutions and superior reliability over existing tracking systems as well as the possibility of authentication, but also pose a threat to customer privacy, which already drew great attentions from researchers in this field. In this paper the quantifying information leakage in RFID systems will be first investigated via the Shannon's information theory, and the analysis results are also extended from binary to r-ary coding systems. The secondary contribution of this paper is that based on the first part discussion a modified "hash-chain" protocol is presented that decreasing the heavy burden on back- end database to authenticate tags, which the normal hash-chain protocol computes hash function many times on every tag.

[1]  Sang Joon Kim,et al.  A Mathematical Theory of Communication , 2006 .

[2]  Ari Juels,et al.  Defining Strong Privacy for RFID , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[3]  B. P. Lathi,et al.  Modern Digital and Analog Communication Systems , 1983 .

[4]  Stephen A. Weis Security and Privacy in Radio-Frequency Identification Devices , 2003 .

[5]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[6]  Gildas Avoine Adversarial Model for Radio Frequency Identification , 2005, IACR Cryptol. ePrint Arch..

[7]  Koutarou Suzuki,et al.  Cryptographic Approach to “Privacy-Friendly” Tags , 2003 .

[8]  Melanie R. Rieback,et al.  Security and Privacy of Radio Frequency Identification , 2008 .

[9]  Ronald L. Rivest,et al.  The blocker tag: selective blocking of RFID tags for consumer privacy , 2003, CCS '03.

[10]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[11]  Claude Castelluccia,et al.  Noisy Tags: A Pretty Good Key Exchange Protocol for RFID Tags , 2006, CARDIS.

[12]  Daniel W. Engels,et al.  RFID Systems and Security and Privacy Implications , 2002, CHES.

[13]  Daniel W. Engels,et al.  Radio Frequency Identification Systems , 2015 .

[14]  Ari Juels,et al.  Squealing Euros: Privacy Protection in RFID-Enabled Banknotes , 2003, Financial Cryptography.

[15]  Sozo Inoue,et al.  Quantitative evaluation of unlinkable ID matching schemes , 2005, WPES '05.

[16]  A. Juels,et al.  Universal Re-encryption for Mixnets , 2004, CT-RSA.