Chapter

Ad-Hoc, Mobile and Wireless Networks

Volume 5793 of the series Lecture Notes in Computer Science pp 227-240

Secure EPC Gen2 Compliant Radio Frequency Identification

  • Mike BurmesterAffiliated withDepartment of Computer Science, Florida State University
  • , Breno de MedeirosAffiliated withGoogle, Inc.
  • , Jorge MunillaAffiliated withDepartamento de Ingeniería de Comunicaciones, Universidad de Málaga
  • , Alberto PeinadoAffiliated withDepartamento de Ingeniería de Comunicaciones, Universidad de Málaga

* Final gross prices may vary according to local VAT.

Get Access

Abstract

The increased functionality of EPC Class1 Gen2 (EPCGen2) is making this standard a de facto specification for inexpensive tags in the RFID industry. Recently three EPCGen2 compliant protocols that address security issues were proposed in the literature. In this paper we analyze these protocols and show that they are not secure and subject to replay/impersonation and statistical analysis attacks. We then propose an EPCGen2 compliant RFID protocol that uses the numbers drawn from synchronized pseudorandom number generators (RNG) to provide secure tag identification and session unlinkability. This protocol is optimistic and its security reduces to the (cryptographic) pseudorandomness of the RNGs supported by EPCGen2.

Keywords

EPCGen2 compliance security identification unlinkability