论文信息 - Secure and Practical Key Distribution for RFID-Enabled Supply Chains

Secure and Practical Key Distribution for RFID-Enabled Supply Chains

In this paper, we present a fine-grained view of an RFID-enabled supply chain and tackle the secure key distribution problem on a peer-to-peer base. In our model, we focus on any pair of consecutive parties along a supply chain, who agreed on a transaction and based on which, certain RFID-tagged goods are to be transferred by a third party from one party to the other as in common supply chain practice. Under a strong adversary model, we identify and define the security requirements with those parties during the delivery process. To meet the security goal, we first propose a resilient secret sharing (RSS) scheme for key distribution among the three parties and formally prove its security against privacy and robustness adversaries. In our construction, the shared (and recovered) secrets can further be utilized properly on providing other desirable security properties such as tag authenticity, accessibility and privacy protection. Compared with existing approaches, our work is more resilient, secure and provides richer features in supply chain practice. Moreover, we discuss the parameterization issues and show the flexibility on applying our work in real-world deployments.

[1] Marc Langheinrich,et al. Practical Minimalist Cryptography for RFID Privacy , 2007, IEEE Systems Journal.

[2] Mihir Bellare,et al. Robust computational secret sharing and a unified account of classical secret-sharing goals , 2007, CCS '07.

[3] Ari Juels,et al. Strengthening EPC tags against cloning , 2005, WiSe '05.

[4] R. J. McEliece,et al. On sharing secrets and Reed-Solomon codes , 1981, CACM.

[5] K. Brown,et al. Graduate Texts in Mathematics , 1982 .

[6] Yingjiu Li,et al. Protecting RFID communications in supply chains , 2007, ASIACCS '07.

[7] Mihir Bellare,et al. OCB: a block-cipher mode of operation for efficient authenticated encryption , 2001, CCS '01.

[8] Adi Shamir,et al. How to share a secret , 1979, CACM.

[9] David A. Wagner,et al. Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[10] Steven Roman,et al. Coding and information theory , 1992 .

[11] Bryan Parno,et al. Unidirectional Key Distribution Across Time and Space with Applications to RFID Security , 2008, USENIX Security Symposium.