Book ChapterDOI

Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems

TL;DR: Privacy and security risks, and how they apply to the unique setting of low-cost RFID devices, are described; several security mechanisms are proposed and areas for future research are suggested.
Abstract: Like many technologies, low-cost Radio Frequency Identification (RFID) systems will become pervasive in our daily lives when affixed to everyday consumer items as "smart labels". While yielding great productivity gains, RFID systems may create new threats to the security and privacy of individuals or organizations. This paper presents a brief description of RFID systems and their operation. We describe privacy and security risks and how they apply to the unique setting of low-cost RFID devices. We propose several security mechanisms and suggest areas for future research.


Citations
Journal ArticleDOI
TL;DR: This survey examines approaches proposed by scientists for privacy protection and integrity assurance in RFID systems, and treats the social and technical context of their work.
Abstract: This paper surveys recent technical research on the problems of privacy and security for radio frequency identification (RFID). RFID tags are small, wireless devices that help identify objects and people. Thanks to dropping cost, they are likely to proliferate into the billions in the next several years-and eventually into the trillions. RFID tags track objects in supply chains, and are working their way into the pockets, belongings, and even the bodies of consumers. This survey examines approaches proposed by scientists for privacy protection and integrity assurance in RFID systems, and treats the social and technical context of their work. While geared toward the nonspecialist, the survey may also serve as a reference for specialist readers.

1,994 citations


Cites background from "Security and Privacy Aspects of Low..."

  • ...As we shall see, researchers have devised a farrago of lightweight technical approaches to the problems of privacy and authentication....

    [...]

Journal ArticleDOI
TL;DR: This paper compares security issues between IoT and traditional network, and discusses opening security issues of IoT, and analyzes the cross-layer heterogeneous integration issues and security issues in detail and discusses the security issues as a whole.
Abstract: Internet of Things (IoT) is playing a more and more important role after its showing up, it covers from traditional equipment to general household objects such as WSNs and RFID. With the great potential of IoT, there come all kinds of challenges. This paper focuses on the security problems among all other challenges. As IoT is built on the basis of the Internet, security problems of the Internet will also show up in IoT. And as IoT contains three layers: perception layer, transportation layer and application layer, this paper will analyze the security problems of each layer separately and try to find new problems and solutions. This paper also analyzes the cross-layer heterogeneous integration issues and security issues in detail and discusses the security issues of IoT as a whole and tries to find solutions to them. In the end, this paper compares security issues between IoT and traditional network, and discusses opening security issues of IoT.

1,060 citations


Cites background from "Security and Privacy Aspects of Low..."

  • ...Data Privacy: RFID security and privacy technologies can be divided into two categories: physical-based schemes and password-based schemes, the former sends deactivation kill command [36], block tags [36, 37], clip tags, pseudonyms tags [38], Faraday nets, signal interference [39], antenna energy analysis [40] etc....

    [...]

Proceedings ArticleDOI
27 Oct 2003
TL;DR: This work proposes the use of "selective blocking" by "blocker tags" as a way of protecting consumers from unwanted scanning of RFID tags attached to items they may be carrying or wearing, and believes that this approach provides a very attractive alternative for addressing privacy concerns raised by the potential (and likely) widespread use of RFID tags in consumer products.
Abstract: We propose the use of "selective blocking" by "blocker tags" as a way of protecting consumers from unwanted scanning of RFID tags attached to items they may be carrying or wearing. While an ordinary RFID tag is a simple, cheap (e.g. five-cent) passive device intended as an "electronic bar-code" for use in supply-chain management, a blocker tag is a cheap passive RFID device that can simulate many ordinary RFID tags simultaneously. When carried by a consumer, a blocker tag thus "blocks" RFID readers. It can do so universally by simulating all possible RFID tags. Or a blocker tag can block selectively by simulating only selected subsets of ID codes, such as those by a particular manufacturer, or those in a designated "privacy zone." We believe that this approach, when used with appropriate care, provides a very attractive alternative for addressing privacy concerns raised by the potential (and likely) widespread use of RFID tags in consumer products. We also discuss possible abuses arising from blocker tags, and means for detecting and dealing with them.

925 citations

Book ChapterDOI
14 Aug 2005
TL;DR: This paper analyzes a particular human-to-computer authentication protocol designed by Hopper and Blum (HB), and shows it to be practical for low-cost pervasive devices, and proves the security of the HB+ protocol against active adversaries based on the hardness of the Learning Parity with Noise (LPN) problem.
Abstract: Forgery and counterfeiting are emerging as serious security risks in low-cost pervasive computing devices. These devices lack the computational, storage, power, and communication resources necessary for most cryptographic authentication schemes. Surprisingly, low-cost pervasive devices like Radio Frequency Identification (RFID) tags share similar capabilities with another weak computing device: people. These similarities motivate the adoption of techniques from human-computer security to the pervasive computing setting. This paper analyzes a particular human-to-computer authentication protocol designed by Hopper and Blum (HB), and shows it to be practical for low-cost pervasive devices. We offer an improved, concrete proof of security for the HB protocol against passive adversaries. This paper also offers a new, augmented version of the HB protocol, named HB+, that is secure against active adversaries. The HB+ protocol is a novel, symmetric authentication protocol with a simple, low-cost implementation. We prove the security of the HB+ protocol against active adversaries based on the hardness of the Learning Parity with Noise (LPN) problem.

767 citations


Cites background from "Security and Privacy Aspects of Low..."

  • ...Rather than sharing a single k-bit random secret x, the tag and reader now share an additional k-bit random secret y. Unlike the case in the HB protocol, the tag in the HB+ protocol first generates random k-bit “blinding” vector b and sends it to the reader....

    [...]

Proceedings ArticleDOI
25 Oct 2004
TL;DR: Privacy issues related to Radio Frequency Identification in libraries are exposed, current deployments are described, and a simple scheme is given that provides security against a passive eavesdropper using XOR alone, without pseudo-random functions or other heavy crypto operations.
Abstract: We expose privacy issues related to Radio Frequency Identification (RFID) in libraries, describe current deployments, and suggest novel architectures for library RFID. Libraries are a fast growing application of RFID; the technology promises to relieve repetitive strain injury, speed patron self-checkout, and make possible comprehensive inventory. Unlike supply-chain RFID, library RFID requires item-level tagging, thereby raising immediate patron privacy issues. Current conventional wisdom suggests that privacy risks are negligible unless an adversary has access to library databases. We show this is not the case. In addition, we identify private authentication as a key technical issue: how can a reader and tag that share a secret efficiently authenticate each other without revealing their identities to an adversary? Previous solutions to this problem require reader work linear in the number of tags. We give a general scheme for building private authentication with work logarithmic in the number of tags, given a scheme with linear work as a sub protocol. This scheme may be of independent interest beyond RFID applications. We also give a simple scheme that provides security against a passive eavesdropper using XOR alone, without pseudo-random functions or other heavy crypto operations.

751 citations

References
Book
01 Jan 1996
TL;DR: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols.
Abstract: From the Publisher: A valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography, this book provides easy and rapid access of information and includes more than 200 algorithms and protocols; more than 200 tables and figures; more than 1,000 numbered definitions, facts, examples, notes, and remarks; and over 1,250 significant references, including brief comments on each paper.

13,597 citations


"Security and Privacy Aspects of Low..." refers background or methods in this paper

  • ...The formal definition of a one-way function only establishes the difficulty of inverting the function output [19, 10]....

    [...]

  • ...Accepting the resource limitations of low-cost tags, we offer a simple security scheme based on one-way hash functions [19]....

    [...]

Book ChapterDOI
15 Aug 1999
TL;DR: In this paper, the authors examine specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices, and they also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.
Abstract: Cryptosystem designers frequently assume that secrets will be manipulated in closed, reliable computing environments. Unfortunately, actual computers and microchips leak information about the operations they process. This paper examines specific methods for analyzing power consumption measurements to find secret keys from tamper resistant devices. We also discuss approaches for building cryptosystems that can operate securely in existing hardware that leaks information.

6,757 citations

MonographDOI
06 Aug 2001
TL;DR: In this paper, the authors present a list of figures in the context of digital signatures and message authentication for general cryptographic protocols, including encryption, digital signatures, message authentication, and digital signatures.
Abstract: List of figures Preface Acknowledgements 5. Encryption schemes 6. Digital signatures and message authentication 7. General cryptographic protocols Appendix C: corrections and additions to volume I Bibliography Index.

1,889 citations

Book ChapterDOI
21 Jun 1998
TL;DR: NTRU encryption and decryption use a mixing system suggested by polynomial algebra combined with a clustering principle based on elementary probability theory to create a new public key cryptosystem.
Abstract: We describe NTRU, a new public key cryptosystem. NTRU features reasonably short, easily created keys, high speed, and low memory requirements. NTRU encryption and decryption use a mixing system suggested by polynomial algebra combined with a clustering principle based on elementary probability theory. The security of the NTRU cryptosystem comes from the interaction of the polynomial mixing system with the independence of reduction modulo two relatively prime integers p and q.

1,725 citations


"Security and Privacy Aspects of Low..." refers background or methods in this paper

  • ...Continued research into efficient symmetric encryption algorithms, such as TEA [32, 33], may yield algorithms appropriate for low-cost RFID devices....

    [...]

  • ...The resources available in a low-cost RFID tag are far less than what is necessary for public key cryptography, even a resource-efficient scheme such as NTRU [11, 22]....

    [...]

  • ...This is far below what is feasible for standard public-key or symmetric encryption, including efficient algorithms such as NTRU or TEA [11, 32]....

    [...]

Journal ArticleDOI
Robert M. Metcalfe, David R. Boggs
TL;DR: The design principles and implementation are described, based on experience with an operating Ethernet of 100 nodes along a kilometer of coaxial cable, of a model for estimating performance under heavy loads and a packet protocol for error controlled communication.
Abstract: Ethernet is a branching broadcast communication system for carrying digital data packets among locally distributed computing stations. The packet transport mechanism provided by Ethernet has been used to build systems which can be viewed as either local computer networks or loosely coupled multiprocessors. An Ethernet's shared communication facility, its Ether, is a passive broadcast medium with no central control. Coordination of access to the Ether for packet broadcasts is distributed among the contending transmitting stations using controlled statistical arbitration. Switching of packets to their destinations on the Ether is distributed among the receiving stations using packet address recognition. Design principles and implementation are described, based on experience with an operating Ethernet of 100 nodes along a kilometer of coaxial cable. A model for estimating performance under heavy loads and a packet protocol for error controlled communication are included for completeness.

1,701 citations