Defining Strong Privacy for RFID

In this work, we consider privacy in radio frequency identification (RFID) systems. Our contribution is twofold: (1) we propose a simple, formal definition of strong privacy useful for basic analysis of RFID systems, as well as a different (weaker) definition applicable to multi-verifier systems; and (2) we apply our definition to reveal vulnerabilities in proposed privacy-enhancing RFID protocols. This paper is a highly abbreviated version of Juels, A et al, (2005)

[1]  Philippe Oechslin,et al.  Reducing Time Complexity in RFID Systems , 2005, Selected Areas in Cryptography.

[2]  Philippe Oechslin,et al.  A scalable and provably secure hash-based RFID protocol , 2005, Third IEEE International Conference on Pervasive Computing and Communications Workshops.

[3]  Sozo Inoue,et al.  Quantitative evaluation of unlinkable ID matching schemes , 2005, WPES '05.

[4]  David A. Wagner,et al.  Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[5]  Bing Jiang,et al.  Some Methods for Privacy in RFID Communication , 2004, ESAS.

[6]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[7]  Ari Juels,et al.  Minimalist Cryptography for Low-Cost RFID Tags , 2004, SCN.

[8]  Philippe Oechslin,et al.  RFID Traceability: A Multilayer Problem , 2005, Financial Cryptography.

[9]  Atsushi Kanai,et al.  Privacy Enhanced Active RFID Tag , 2005 .

[10]  Gene Tsudik,et al.  YA-TRAP: yet another trivial RFID authentication protocol , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06).

[11]  Martin E. Hellman,et al.  A cryptanalytic time-memory trade-off , 1980, IEEE Trans. Inf. Theory.

[12]  Ronald L. Rivest,et al.  The blocker tag: selective blocking of RFID tags for consumer privacy , 2003, CCS '03.

[13]  David A. Wagner,et al.  A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags , 2005, IACR Cryptol. ePrint Arch..

[14]  Ari Juels,et al.  Defining Strong Privacy for RFID , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[15]  Christian Damsgaard Jensen,et al.  Zero-knowledge Device Authentication: Privacy & Security Enhanced RFID preserving Business Value and Consumer Convenience , 2004, PST.

[16]  Gildas Avoine Adversarial Model for Radio Frequency Identification , 2005, IACR Cryptol. ePrint Arch..

[17]  A. Juels,et al.  Universal Re-encryption for Mixnets , 2004, CT-RSA.