Tackling Security and Privacy Issues in Radio Frequency Identification Devices

This paper introduces shortly into the security and privacy issues of RFID systems and presents a simple approach to greatly enhance location privacy by changing traceable identifiers securely on every read attempt. The scheme gets by with only a single, unreliable message exchange. By employing one-way hash functions the scheme is safe from many security threats. It is intended for use in item identification but is useful in other applications as well.

[1]  James P. Titus,et al.  Security and Privacy , 1967, 2022 IEEE Future Networks World Forum (FNWF).

[2]  Daniel W. Engels,et al.  RFID Systems and Security and Privacy Implications , 2002, CHES.

[3]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2006, 8th International Workshop, Yokohama, Japan, October 10-13, 2006, Proceedings , 2006, CHES.

[4]  Martín Abadi,et al.  Authentication and Delegation with Smart-cards , 1991, TACS.

[5]  Christof Paar,et al.  Cryptographic Hardware and Embedded Systems - CHES 2002 , 2003, Lecture Notes in Computer Science.

[6]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[7]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[8]  Steve H. Weingart Physical Security Devices for Computer Subsystems: A Survey of Attacks and Defences , 2000, CHES.

[9]  Ari Juels,et al.  Squealing Euros: Privacy Protection in RFID-Enabled Banknotes , 2003, Financial Cryptography.

[10]  D. McCullagh RFID tags : Big Brother in small pachkages , 2003 .

[11]  David Chaum,et al.  Untraceable electronic mail, return addresses, and digital pseudonyms , 1981, CACM.

[12]  Ronald L. Rivest,et al.  The blocker tag: selective blocking of RFID tags for consumer privacy , 2003, CCS '03.

[13]  Stephen A. Weis Security and Privacy in Radio-Frequency Identification Devices , 2003 .

[14]  Ari Juels,et al.  A Two-Server, Sealed-Bid Auction Protocol , 2002, Financial Cryptography.