Abstract
A bewildering number of proposals have offered solutions to the privacy problems inherent in RFID communication. This article tries to give an overview of the currently discussed approaches and their attributes.
Similar content being viewed by others
Notes
The alternative of using the same secret for all of its tags typically lowers the strength of the authentication algorithm significantly.
Note that such items could still be traceable as particular constellations [58].
To allow for selective jamming, the RFID Guardian requires the use of a deterministic protocol like ISO-15693, where tags reply in a pre-defined timeslot (based on their ID) to reader requests.
See slides of his invited talk at http://events.iaik.tugraz.at/RFIDSec06/Program/.
Forward security means that a compromised tag does not disclose the entire history of tag sightings, even if these were under different pseudonym IDs.
This is known as the Learning Parity in the Presence of Noise (LPN) Problem.
Until such devices are available, the authors propose that new random passwords would be assigned by the supermarket and printed on the receipt.
References
Agrawal R, Kiernan J, Srikant R, Xu Y (2002) Hippocratic databases. In: Proceedings of the 28th international conference on very large databases (VLDB 2002). Morgan Kaufmann, Hong Kong, pp 143–154. http://www.vldb.org/conf/2002/S05P02.pdf.
Avoine G (2006) Bibliography on security and privacy in RFID systems. http://www.epfl.ch/~gavoine/rfid/
Avoine G, Dysli E, Oechslin P (2005) Reducing time complexity in RFID systems. In: Preneel B, Tavares S (eds) Selected areas in cryptography—SAC 2005, Kingston, ON, Canada, August 11–12, 2005. Revised Selected Papers. Lecture Notes in Computer Science, vol 3897. Springer, Heidelberg, pp 291–306
Batina L, Guajardo J, Kerins T, Mentens N, Tuyls P, Verbauwhede I (2006) An elliptic curve processor suitable for RFID-tags. Cryptology ePrint Archive, Report 2006/227. http://eprint.iacr.org/2006/227.pdf
Bertold O, Günther O, Spiekermann S (2005) RFID: Verbraucherängste und Verbraucherschutz. Wirtschaftsinformatik 47(6):422–430. http://edoc.hu-berlin.de/docviews/abstract.php?id=26367
Buttyán L, Holczer T, Vajda I (2006) Optimal key-trees for tree-based private authentication. In: Tsudik G, Syverson P, Bertino E (eds) Privacy enhancing technologies—sixth international workshop, PET 2006, Cambridge, UK, 28–30 June 2006, Revised Selected Papers, Lecture Notes in Computer Science, vol 4258. Springer, Heidelberg, pp 332–350
Castelluccia C, Soos M (2007) Secret shuffling: a novel approach to RFID private identification. In: Conference on RFID security, Malaga, 11–13 July 2007. http://rfidsec07.etsit.uma.es/slides/papers/paper-45.pdf
Chien H-Y, Chen C-H (2007) Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Comput Standars Interfaces 29(2):254–259
Data Protection Commissioners (2003) Resolution on radio frequency identification. In: 25th international conference of data Protection and Privacy Commissioners, November 2003. http://www.privacyconference2003.org/commissioners.asp.
Dimitriou T (2005) A lightweight RFID protocol to protect against traceability and cloning attacks. In: Conference on security and privacy for emerging areas in communication networks—SecureComm. Athens, Greece, September 2005. IEEE
Dimitriou T (2006) A secure and efficient RFID protocol that could make big brother (partially) obsolete. In: PERCOM ’06: proceedings of the fourth annual IEEE international conference on pervasive computing and communications (PERCOM’06). IEEE Computer Society, Washington, DC, pp 269–275
European Commission (EC) (2007) Communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on radio frequency identification RFID in Europe: Steps towards a policy framework. COM/2007/0096 final, March 2007. http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:52007DC0096:EN:NOT
European Data Protection Supervisor (EDPS) (2007) Opinion of the European Data Protection Supervisor on the communication from the Commission to the European Parliament, the Council, the European Economic and Social Committee and the Committee of the Regions on radio frequency identification (RFID) in Europe: steps towards a policy framework COM(2007)96, December 2007. http://www.edps.europa.eu/EDPSWEB/webdav/site/mySite/shared/Documents/Consulta tion/Opinions/2007/07-12-20_RFID_EN.pdf.
EPCglobal (2005) Class-1 generation-2 UHF RFID protocol for communications at 860 MHz–960 MHz, version 1.0.9. EPC radio-frequency identity protocols, January 2005. http://www.epcglobalinc.org/standards/Class_1_Generation_2_UHF_Air_Interface_Protocol_Standard_Version_1.0.9.pdf
EPCglobal (2006) EPC tag data specification 1.3. EPCglobal Standard, March 2006. http://www.epcglobalinc.org/standards/ EPCglobal_Tag_Data_Standard_TDS_Version_1.3.pdf.
European Union (2007) European policy outlook RFID (draft version). Working document, German Federal Ministry of Economics and Technology, June 2007. http://www.nextgenerationmedia.de/Nextgenerationmedia/Navigation/en/rfid-conference.html.
Fabian B, Günther O, Spiekermann S (2005) Security analysis of the object name service for RFID. In: Proceedings of the first international workshop on security, privacy and trust in pervasive and ubiquitous computing, SecPerU 2005, in conjunction with IEEE ICPS'05, Santorini, Greece, July 14, 2005. http://cgi.di.uoa.gr/~spu2005/
Feldhofer M, Dominikus S, Wolkerstorfer J (2004) Strong authentication for RFID systems using the AES algorithm. In: Joye M, Quisquater J-J (eds) Workshop on cryptographic hardware and embedded systems—CHES 2004, 6th international workshop, Cambridge, MA, USA, August 11–13, 2004. Proceedings. Lecture Notes in Computer Science, vol 3156. Springer, Heidelberg, pp 357–370
Fishkin K, Roy S, Jiang B (2005) Some methods for privacy in RFID communication. In: Castelluccia C, Hartenstein H, Paar C, Westhoff D (eds) Security in ad-hoc and sensor networks—first European workshop, ESAS 2004, Heidelberg, Germany, 6 August 2004, Revised Selected Papers, Lecture Notes in Computer Science, vol 3313. Springer, Heidelberg, pp 42–53
Floerkemeier C, Schneider R, Langheinrich M (2005) Scanning with a purpose—supporting the fair information principles in RFID protocols. In: Murakami H, Nakashima H, Tokuda H, Yasumura M (eds) Ubiquitous computing systems—second international symposium, UCS Tokyo, Japan, 8–9 November 2004, Revised Selected Papers, Lecture Notes in Computer Science, vol 3598. Springer, Heidelberg, pp 214–231
Garfinkel S (2004) RFID rights. Technol Rev 107(9). http://www.technologyreview.com/articles/04/11/wo_garfinkel110304.asp?p=1.
Garfinkel S, Rosenberg B (eds) (2005) RFID: applications, security, and privacy. Addison-Wesley, Reading
Henrici D, Müller P (2004) Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers. In: Lau F, Lei H (eds) Proceedings of the second IEEE annual conference on pervasive computing and communications workshops. Orlando, FL, USA, March 2004. IEEE Computer Society, pp 149–153. http://ieeexplore.ieee.org/xpl/tocresult.jsp?isNumber=28557&page=2
Heydt-Benjamin TS, Bailey DV, Fu K, Juels A, OHare T (2007) Vulnerabilities in first-generation RFID-enabled credit cards. In: Dietrich S, Dhamija R (eds) Financial cryptography and data security. 11th International Conference, FC 2007, and 1st international workshop on usable security, USEC 2007, Scarborough, Trinidad and Tobago, 12–16 February 2007. Revised Selected Papers, Lecture Notes in Computer Science, vol 4886. Springer, Heidelberg, pp 2–14. The full version of this paper appears as UMass Amherst CS TR-2006-055. See http://www.rfid-cusp.org for the latest version. http://www.springerlink.com/content/e7324164535up092/.
Inoue S, Yasuura H (2003) RFID privacy using user-controllable uniqueness. In: Proceedings of the RFID privacy workshop, MIT Press, Cambridge. http://www.rfidprivacy.us/2003/papers/sozo_inoue.pdf.
Juels A (2004) Minimalist cryptography for RFID tags. In: Blundo C (ed) Security of communication networks (SCN), Amalfi, Italy, September 2004. http://www.rsasecurity.com/rsalabs/staff/bios/ajuels/publications/minimalist/M inimalist.pdf.
Juels A (2005) RFID privacy: a tecnical primer for the non-technical reader. In: Strandburg K, Raicu DS (eds) Privacy and technologies of identity: a cross-disciplinary conversation. Springer, Heidelberg. http://www.rsasecurity.com/rsalabs/staff/bios/ajuels/publications/rfid_privacy/DePaul23Feb05Draft.pdf.
Juels A (2005) Strengthening EPC tags against cloning. In: WiSe ’05: Proceedings of the fourth ACM workshop on wireless security. ACM Press, New York, pp 67–76
Juels A (2006) RFID security and privacy: a research survey. IEEE J Sel Areas Commun 24(2):381–394. http://www.rsasecurity.com/rsalabs/staff/bios/ajuels/publications/pdfs/rfid_survey_28_09_05.pdf
Juels A, Brainard J (2004) Soft blocking: flexible blocker tags on the cheap. In: De Capitani di Vimercati S, Syverson P (eds) Workshop on Privacy in the Electronic Society—WPES. ACM Press, Washington, DC, pp 1–7
Juels A, Pappu R, Parno B (2008) Unidirectional key distribution across time and space with applications to RFID security. Cryptology ePrint Archive, Report 2008/044. http://eprint.iacr.org/cgi-bin/cite.pl?entry=2008/044
Juels A, Rivest RL, Szydlo M (2003) The blocker tag: selective blocking of RFID tags for consumer privacy. In: Jajodia S, Atluri V, Jaeger T (eds) Proceedings of the tenth ACM conference on computer and communication security. ACM Press, Washington, DC, pp 103–111. http://portal.acm.org/citation.cfm?id=948126&coll=Portal
Juels A, Weis S (2005) Authenticating pervasive devices with human protocols. In: Shoup V (ed) Advances in cryptology—CRYPTO’05, Lecture Notes in Computer Science, IACR, vol 3126. Springer, Santa Barbara, pp 293–308
Karjoth G, Moskowitz PA (2005) Disabling RFID tags with visible confirmation: clipped tags are silenced. In: Atluri V, De Capitani di Vimercati S, Dingledine R (eds) Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society (WPES 2005). ACM Press, Alexandria, pp 27–30
Karthikeyan S, Nesterenko M (2005) RFID security without extensive cryptography. In: Workshop on security of ad hoc and sensor networks—SASN’05. ACM, ACM Press, Alexandria, pp 63–67
Kobsa A, Schreck J (2003) Privacy through pseudonymity in user-adaptive systems. ACM Trans Internet Technol 3(2):149–183
Kriplean T, Welbourne E, Khoussainova N, Rastogi V, Balazinska M, Borriello G, Kohno T, Suciu D (2007) Physical access control for captured RFID data. IEEE Pervasive Comput 6(4):48–55
Langheinrich M (2007) RFID and privacy. In: Petkovic M, Jonker W (eds) Security, privacy, and trust in modern data management. Springer, Heidelberg, pp 433–450
Langheinrich M, Marti R (2007) Practical minimalist cryptography for RFID privacy. IEEE Syst J 1(2):115–128. http://www.vs.inf.ethz.ch/publ/papers/shamirtags07.pdf.
Lu L, Han J, Hu L, Liu Y, Ni LM (2007) Dynamic key-updating: privacy-preserving authentication for RFID systems. In: Porta TL, Mutka M, Pinhanez C, Steenkiste P (eds) Proceedings of the fifth annual IEEE international conference on pervasive computing and communications (PerCom ’07), 19–23 March. IEEE Press, White Plains, pp 13–22
Mara J (2003) Euro scheme makes money talk. Wired News, 9 July 2003. http://www.wired.com/news/privacy/0,1848,59565,00.html.
Molnar D, Soppera A, Wagner D (2005) Privacy for RFID through trusted computing. In: WPES ’05: proceedings of the 2005 ACM workshop on privacy in the electronic society. ACM Press, New York, pp 31–34
Molnar D, Soppera A, Wagner D (2005) A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags. In: Preneel B, Tavares S (eds) Selected areas in cryptography—SAC 2005, Lecture Notes in Computer Science, vol 3897. Springer, Kingston, pp 276–290
Molnar D, Wagner D (2004) Privacy and security in library RFID: issues, practices, and architectures. In: Pfitzmann B, Liu P (eds) Conference on computer and communications security—ACM CCS. ACM Press, Washington, DC, pp 210–219
Ohkubo M, Suzuki K, Kinoshita S (2005) Cryptographic approach to “privacy-friendly” tags. In: Garfinkel S, Rosenberg B (eds) RFID: applications, security, and privacy. Addison-Wesley, Reading. http://www.rfidprivacy.us/2003/papers/ohkubo.pdf.
Osaka K, Takagi T, Yamazaki K, Takahashi O (2006) An efficient and secure RFID security method with ownership transfer. In: Cheung Y-M, Wang Y, Liu H (eds) Computational intelligence and security, 2006 international conference on (CIS’06), vol 2. IEEE Press, Piscataway, pp 1090–1095. http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=4076126
Rieback M, Crispo B, Tanenbaum A (2005) RFID guardian: a battery-powered mobile device for RFID privacy management. In: Boyd C, González Nieto JM (eds) Australasian conference on information security and privacy—ACISP’05, Brisbane, Australia, July 4–6, 2005. Proceedings. Lecture Notes in Computer Science, vol 3574. Springer, Heidelberg, pp 184–194
Rieback M, Crispo B, Tanenbaum A (2007) Keep on blockin’ in the free world: personal access control for low-cost RFID tags. In: Christianson B, Crispo B, MalcolmJA, Roe M (eds) Security protocols, 13th international workshop, Cambridge, UK, 20–22 April 2005. Revised Selected Papers, Lecture Notes in Computer Science, vol 4631. Springer, Heidelberg, pp 51–59. http://www.springerlink.com/content/92407245x4432q17/.
Rieback MR, Crispo B, Tanenbaum AS (2006) The evolution of RFID security. IEEE Pervasive Comput 05(1):62–69
Shamir A (1979) How to share a secret. Comm ACM 22(11):612–613
Spiekermann S (2008) RFID and privacy—what consumers really want and fear. Personal Ubiquitous Comput. Special issue on Privacy in Ubiquitous Computing. doi:10.1007/s00779-008-0213-4
Spiekermann S, Berthold O (2005) Maintaining privacy in RFID enabled environments—proposal for a disable-model. In: Robinson P, Vogt H, Wagealla W (eds) Privacy, security and trust within the context of pervasive computing, Springer International Series in Engineering and Computer Science, vol 780. Springer Science and Business Meida Inc., New York, pp 137–146. http://www.springerlink.com/content/w8w447l70541w075/.
Staake T, Thiesse F, Fleisch E (2005) Extending the EPC network—the potential of RFID in anti-counterfeiting. In: Proceedings of the 2005 ACM symposium on applied computing. ACM Press, New York, pp 1607–1612
Swedberg C (2006) Marnlen makes privacy-friendly tags for retail items. RFID J. See http://www.rfidjournal.com/article/articleprint/2803/-1/1/. November 2006
Tsudik G (2007) A family of dunces: trivial RFID identification and authentication protocols. In: Borisov N, Golle P (eds) Privacy enhancing technologies. Seventh international symposium, PET 2007 Ottawa, Canada, 20–22 June 2007, Revised Selected Papers, Lecture Notes in Computer Science, vol 4776. Springer, Heidelberg, pp 45–61. http://www.springerlink.com/content/d67454h576847p42/
Tuyls P, Batina L (2006) RFID-tags for anti-counterfeiting. In: Pointcheval D (ed) Topics in cryptology—CT-RSA 2006—the cryptographers’ track at the RSA conference 2006, San Jose, USA, 13–17 February 2005, Proceedings, Lecture Notes in Computer Science, vol 3860. Springer, Heidelberg, pp 115–131. http://www.cosic.esat.kuleuven.be/publications/article-621.pdf.
Want R (2006) An introduction to RFID technology. IEEE Pervasive Comput 5(1):25–33
Weis SA, Sarma SE, Rivest RL, Engels DW (2003) Security and privacy aspects of low-cost radio frequency identification systems. In: Hutter D, Müller G, Stephan W, Ullmann M (eds) Security in pervasive computing—first international conference, Boppard, Germany, 12–14 March 2003, Revised Papers, Lecture Notes in Computer Science, vol 2802. Springer, Heidelberg, pp 201–212. http://www.springerlink.com/openurl.asp?genre=issue&issn=0302-9743&volume=2802.
Westhues J, Hacking the prox card. In: Garfinkel S, Rosenberg B (eds) RFID: applications, security, and privacy. Addison-Wesley, Reading, pp 291–300
Westin AF (1967) Privacy and freedom. Atheneum, New York
Acknowledgments
The feedback of the anonymous reviewers, as well as the many helpful comments from my co-editor Sarah Spiekermann, helped tremendously in the writing of this article.