Noisy Tags: A Pretty Good Key Exchange Protocol for RFID Tags

We propose a protocol that can be used between an RFID tag and a reader to exchange a secret without performing any expensive computation. Similarly to the famous blocker tag suggested by Juels, Rivest, and Szydlo, our scheme makes use of special tags that we call noisy tags. Noisy tags are owned by the reader's manager and set out within the reader's field. They are regular RFID tags that generate noise on the public channel between the reader and the queried tag, such that an eavesdropper cannot differentiate the messages sent by the queried tag from the ones sent by the noisy tag. Consequently, she is unable to identify the secret bits that are sent to the reader. Afterwards, the secret shared by the reader and the tag can be used to launch a secure channel in order to protect communications against eavesdroppers. It can also be used to securely refresh a tag's identifier by, for example, xoring the new identifier with the exchanged secret key. Refreshing tags' identifiers improves privacy since it prevents tracking tags.

[1]  Kaan Yuksel,et al.  Universal Hashing for Ultra-Low-Power Cryptographic Hardware Applications , 2004 .

[2]  Philippe Oechslin,et al.  RFID Traceability: A Multilayer Problem , 2005, Financial Cryptography.

[3]  Sandra Dominikus,et al.  Strong Authentication for RFID Systems Using the AES Algorithm , 2004, CHES.

[4]  David A. Wagner,et al.  Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[5]  Melanie R. Rieback,et al.  Security and Privacy of Radio Frequency Identification , 2008 .

[6]  Frank Stajano,et al.  The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks , 1999, Security Protocols Workshop.

[7]  Claude Castelluccia,et al.  Shake them up!: a movement-based pairing protocol for CPU-constrained devices , 2005, MobiSys '05.

[8]  Jaap-Henk Hoepman Ephemeral Pairing on Anonymous Networks , 2005, SPC.

[9]  Jaap-Henk Hoepman The Ephemeral Pairing Problem , 2004, Financial Cryptography.

[10]  David A. Wagner,et al.  Security and Privacy Issues in E-passports , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[11]  Philippe Oechslin,et al.  Reducing Time Complexity in RFID Systems , 2005, Selected Areas in Cryptography.

[12]  Ronald L. Rivest,et al.  The blocker tag: selective blocking of RFID tags for consumer privacy , 2003, CCS '03.

[13]  Kaisa Nyberg,et al.  Enhancements to Bluetooth Baseband Security , 2007 .

[14]  Stephen A. Weis Security and Privacy in Radio-Frequency Identification Devices , 2003 .