Information confinement, privacy, and security in RFID systems

Roberto Di Pietro, Refik Molva

Research output: Chapter in Book/Report/Conference proceedingConference contribution

22 Scopus citations

Abstract

This paper describes an identification and authentication protocol for RFID tags with two contributions aiming at enhancing the security and privacy of RFID based systems. First, we assume that some of the servers storing the information related to the tags can be compromised. In order to protect the tags from potentially malicious servers, we devise a technique that makes RFID identification server-dependent, providing a different unique secret key shared by each pair of tag and server. The proposed solution requires the tag to store only a single secret key, regardless of the number of servers, thus fitting the constraints on tag's memory. Second, we provide a probabilistic tag identification scheme that requires the server to perform simple bitwise operations, thus speeding up the identification process. The proposed tag identification protocol assures privacy, mutual authentication and resilience to both DoS and replay attacks. Finally, each of the two schemes described in this paper can be independently implemented to enhance the security of existing RFID protocols. © Springer-Verlag Berlin Heidelberg 2007.
Original languageEnglish (US)
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
PublisherSpringer Verlag
Pages187-202
Number of pages16
ISBN (Print)9783540748342
DOIs
StatePublished - Jan 1 2007
Externally publishedYes

Fingerprint

Dive into the research topics of 'Information confinement, privacy, and security in RFID systems'. Together they form a unique fingerprint.

Cite this