As Radio Frequency Identification (RFID) systems have been enormously used in fields like commerce and logistics, a wide spectrum of applications call for privacy-preserved group management in RFID systems, which requires a legitimate reader and a particular group of tags to share one single group key without leaking any private information of individual tags. With backscatter communications using plain text in RFID systems, it is very challenging to achieve privacy-preserved group management because the reader has to notify those tags in the group with the generated group key by broadcasting. With open wireless channels, adversaries can obtain any information exchanging between the reader and tags by eavesdropping or even launch impersonation attacks. In this paper, we propose an innovative wireless private group key generation scheme, called WiGen, with which a legitimate reader can generate a group key among itself and those tags in the required group. By effectively leveraging a Bloom filter, the reader can notify those designated tags in the group without leaking the private information of those tags. Furthermore, with WiGen, both the reader and the group tags can authenticate each other and achieve the key agreement at the same time. In addition, WiGen is a very light-weighted protocol and can be implemented on current RFID systems. Through intensive efficiency analysis and formal proof of privacy, we show that WiGen can provide an efficient and strong protection for group management applications of RFID systems. Moreover, the implementation on WISP RFID tags and experiment results demonstrate the feasibility and efficacy of WiGen.
[1]
Claude Castelluccia,et al.
Shake them up!: a movement-based pairing protocol for CPU-constrained devices
,
2005,
MobiSys '05.
[2]
Kaisa Nyberg,et al.
Enhancements to Bluetooth Baseband Security
,
2007
.
[3]
Frank Stajano,et al.
The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks
,
1999,
Security Protocols Workshop.
[4]
Wade Trappe,et al.
Radio-telepathy: extracting a secret key from an unauthenticated wireless channel
,
2008,
MobiCom '08.
[5]
James Docherty,et al.
A flexible hardware implementation of SHA-1 and SHA-2 Hash Functions
,
2011,
2011 IEEE International Symposium of Circuits and Systems (ISCAS).
[6]
Adrian Perrig,et al.
Message-in-a-bottle: user-friendly and secure key deployment for sensor nodes
,
2007,
SenSys '07.
[7]
Ronald L. Rivest,et al.
Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems
,
2003,
SPC.
[8]
Ari Juels,et al.
RFID security and privacy: a research survey
,
2006,
IEEE Journal on Selected Areas in Communications.
[9]
Sneha Kumar Kasera,et al.
Secret Key Extraction from Wireless Signal Strength in Real Environments
,
2009,
IEEE Transactions on Mobile Computing.
[10]
Mihir Bellare,et al.
Random oracles are practical: a paradigm for designing efficient protocols
,
1993,
CCS '93.