Skip to main content
SpringerLink
Log in

ALGSICS — Combining Physics and Cryptography to Enhance Security and Privacy in RFID Systems

  • Conference paper
Security and Privacy in Ad-hoc and Sensor Networks (ESAS 2007)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 4572))

Included in the following conference series:

Abstract

In this paper, we introduce several new mechanisms that are cheap to implement or integrate into RFID tags and that at the same time enhance their security and privacy properties. Our aim is to provide solutions that make use of existing (or expected) functionality on the tag or that are inherently cheap and thus, enhance the privacy friendliness of the technology “almost” for free. Our proposals, for example, make use of environmental information (presence of light temperature, humidity, etc.) to disable or enable the RFID tag. A second possibility that we explore is the use of delays in revealing a secret key used to later establish a secure communication channel. We also introduce the idea of a “sticky tag,” which can be used to re-enable a disabled (or killed) tag whenever the user considers it to be safe. We discuss the security and describe usage scenarios for all solutions. Finally, we review previous works that use physical principles to provide security and privacy in RFID systems.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Staake, T., Thiesse, F., Fleisch, E.: Extending the EPC Network — The Potential of RFID in Anti-Counterfeiting. In: Haddad, H., Liebrock, L.M., Wainwright, A.O. (eds.) SAC 2005, March 13-17, 2005, ACM Press, New York (2005)

    Google Scholar 

  2. Juels, A.: Minimalist Cryptography for Low-Cost RFID Tags. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 149–164. Springer, Heidelberg (2005)

    Google Scholar 

  3. Juels, A., Weis, S.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)

    Google Scholar 

  4. Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong Authentication for RFID Systems Using the AES Algorithm. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 357–370. Springer, Heidelberg (2004)

    Google Scholar 

  5. Dominikus, S., Oswald, E., Feldhofer, M.: Symmetric Authentication for RFID Systems in Practice. Printed handout of Workshop on RFID and Light-Weight Crypto, pp. 25–31. ECRYPT Network of Excellence (July 13-15, 2005)

    Google Scholar 

  6. Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and privacy aspects of low-cost radio frequency identification systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) SPC 2003. LNCS, vol. 2802, pp. 201–212. Springer, Heidelberg (2004)

    Google Scholar 

  7. Tuyls, P., Batina, L.: RFID-tags for Anti-Counterfeiting. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 115–131. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  8. Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., Verbauwhede, I.: Public-Key Cryptography for RFID-Tags. In: PerCom 2007 Workshops. IEEE Conference on Pervasive Computing and Communications Workshops, New York, March 19-23, 2007, IEEE Computer Society, Los Alamitos (2007)

    Google Scholar 

  9. Juels, A., Rivest, R.L., Szydlo, M.: The blocker tag: selective blocking of RFID tags for consumer privacy. In: Jajodia, S., Atluri, V., Jaeger, T. (eds.) CCS 2003. ACM Conference on Computer and Communications Security, October 27-30, 2003, pp. 103–111. ACM Press, New York (2003)

    Chapter  Google Scholar 

  10. Juels, A., Brainard, J.G.: Soft blocking: flexible blocker tags on the cheap. In: Atluri, V., Syverson, P.F., di Vimercati, S.D.C. (eds.) WPES 2004. ACM Workshop on Privacy in the Electronic Society, October 28, 2004, pp. 1–7. ACM Press, New York (2004)

    Chapter  Google Scholar 

  11. Floerkemeier, C., Schneider, R., Langheinrich, M.: Scanning with a purpose – supporting the fair information principles in RFID protocols. In: Murakami, H., Nakashima, H., Tokuda, H., Yasumura, M. (eds.) UCS 2004. LNCS, vol. 3598, pp. 214–231. Springer, Heidelberg (2005)

    Google Scholar 

  12. Rieback, M., Crispo, B., Tanenbaum, A.: RFID guardian: A battery-powered mobile device for RFID privacy management. In: Boyd, C., González Nieto, J.M. (eds.) Information Security and Privacy. LNCS, vol. 3574, pp. 184–194. Springer, Heidelberg (2005)

    Google Scholar 

  13. Karjoth, G., Moskowitz, P.: Disabling RFID tags with visible confirmation: Clipped tags are silenced. In: WPES. Workshop on Privacy in the Electronic Society, Alexandria, Virginia, November 2005, ACM Press, New York (2005)

    Google Scholar 

  14. Munilla, J., Ortiz, A., Peinado, A.: Distance bounding protocols with void-challenges for RFID. Printed handout of Workshop on RFID Security – RFIDSec 06, pp. 15–26. ECRYPT Network of Excellence (July 2006)

    Google Scholar 

  15. Castelluccia, C., Avoine, G.: Noisy tags: A pretty good key exchange protocol for RFID tags. In: Domingo-Ferrer, J., Posegga, J., Schreckling, D. (eds.) CARDIS 2006. LNCS, vol. 3928, pp. 289–299. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  16. Chabanne, H., Fumaroli, G.: Noisy Cryptographic Protocols for Low-Cost RFID Tags. IEEE Transactions on Information Theory 52(8), 3562–3566 (2006)

    Article  MathSciNet  Google Scholar 

  17. Juels, A.: RFID Security and Privacy: A Research Survey. IEEE Journal on Selected Areas in Communications 24(2), 381–394 (2006), extended version available from http://www.rsasecurity.com/rsalabs/node.asp?id=2029

    Article  MathSciNet  Google Scholar 

  18. Philipose, M., Smith, J., Jiang, B., Mamishev, A.: Battery-Free Wireless Identification and Sensing. IEEE Pervasive Computing 4(1), 37–45 (2005)

    Article  Google Scholar 

  19. Opasjumruskit, K., Thanthipwan, T., Sathusen, O., Sirinamarattana, P., Gadmanee, P., Pootarapan, E., Wongkomet, N., Thanachayanont, A., Thamsirianunt, M.: Self-powered wireless temperature sensors exploit RFID technology. IEEE Pervasive Computing 5(1), 54–61 (2006)

    Article  Google Scholar 

  20. Kitayoshi, H., Sawaya, K.: Long range passive rfid-tag for sensor networks. In: IEEE 62nd Vehicular Technology Conference — VTC-2005, September 25-28, 2005, pp. 2696–2700. IEEE Computer Society, Los Alamitos (2005)

    Chapter  Google Scholar 

  21. Weis, S.: Security and privacy in radio-frequency identification devices. Master thesis, May 2003, Massachusetts Institute of Technology (MIT), Cambridge, Massachusetts (2003)

    Google Scholar 

  22. Swedberg, C.: DHL Expects to Launch Sensor Tag Service by Midyear. RFID Journal (January 19th, 2007), available at http://www.rfidjournal.com/article/articleprint/2986/-1/1/

  23. Radovanovic, S., Annema, A., Nauta, B.: High-speed lateral polysilicon photodiode in standard CMOS technology. In: ESSDERC 2003. 33rd European Solid-State Circuits Conference, September 16-18, 2003, IEEE Computer Society, Los Alamitos (2003)

    Google Scholar 

  24. Juels, A., Pappu, R.: Squealing Euros: Privacy Protection in RFID-Enabled Banknotes. In: Wright, R.N. (ed.) Financial Cryptography. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003)

    Google Scholar 

  25. Batista, E.: Step Back’ for Wireless ID Tech? Wired News (April 8th, 2003), available at http://www.wired.com/news/wireless/0,1382,58385,00.html

  26. Karygiannis, T., Eydt, B., Barber, G., Bunn, L., Phillips, T.: Draft Special Publication 800-98, Guidance for Securing Radio Frequency Identification (RFID) Systems. National Institute for Standards and Technology, Gaithersburg, MD, USA. (September 2006), available for download at http://csrc.nist.gov/

  27. Chan, Y., Meng, M.Q.H., Wu, K.L., Wang, X.: Experimental Study of Radiation Efficiency from an Ingested Source inside a Human Body Model. In: IEEE Annual International Conference of the Engineering in Medicine and Bilogy Society — IEEE-EMBS (September 1st-4th, 2005), pp. 7754–7757 (2005)

    Google Scholar 

  28. KU Information & Telecommunication Technology Center. The University of Kansas: UHF KU-RFID Tag (2006), available at http://www.rfidalliancelab.org/publications/ittc_press_release.shtml

  29. Sarma, S.: Some issues related to rfid and security. Introductory Talk – RFIDSec 06 (July 2006), available at http://events.iaik.tugraz.at/RFIDSec06/Program/index.htm

  30. Stajano, F., Anderson, R.J.: The Resurrecting Duckling: Security Issues for Ad-hoc Wireless Networks. In: Malcolm, J.A., Christianson, B., Crispo, B., Roe, M. (eds.) Security Protocols. LNCS, vol. 1796, pp. 19–21. Springer, Heidelberg (2000)

    Google Scholar 

  31. May, T.C.: Timed-release crypto. Posting to the Cypherpunks Mailing List (February 10th, 1993), available at http://cypherpunks.venona.com/date/1993/02/msg00129.html

  32. Juels, A., Syverson, P., Bailey, D.: High-Power Proxies for Enhancing RFID Privacy and Utility. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol. 3856, pp. 210–226. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  33. Soppera, A., Burbridge, T.: Off by default - RAT: RFID acceptor tag. Printed handout of Workshop on RFID Security – RFIDSec 06, pp. 151–166. ECRYPT Network of Excellence (July 2006)

    Google Scholar 

  34. Haselsteiner, E., Breitfuss, K.: Security in near field communication (NFC). Printed handout of Workshop on RFID Security – RFIDSec 06, pp. 151–166. ECRYPT Network of Excellence (July 2006)

    Google Scholar 

  35. Brands, S., Chaum, D.: Distance-bounding protocols (extended abstract). In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 344–359. Springer, Heidelberg (1994)

    Chapter  Google Scholar 

  36. Fishkin, K.P., Roy, S., Jiang, B.: Some Methods for Privacy in RFID Communication. In: Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D. (eds.) ESAS 2004. LNCS, vol. 3313, pp. 42–53. Springer, Heidelberg (2005)

    Google Scholar 

  37. Hancke, G., Kuhn, M.: An RFID distance bounding protocol. In: Conference on Security and Privacy for Emerging Areas in Communication Networks – SecureComm 2005, September 2005, pp. 67–73. IEEE Computer Society, Los Alamitos (2005)

    Chapter  Google Scholar 

  38. Inoue, S., Yasuura, H.: RFID privacy using user-controllable uniqueness. RFID Privacy Workshop (November 2003)

    Google Scholar 

  39. Bolotnyy, L., Robins, G.: Multi-tag radio frequency identification systems. In: Workshop on Automatic Identification Advanced Technologies — AutoID, 345 E. 47th St, New York, October, 2005, NY 10017, pp. 83–88 (2005)

    Google Scholar 

  40. Rivest, R.L.: Chaffing and Winnowing: Confidentiality without Encryption. CryptoBytes 4(1), 12–17 (1998)

    Google Scholar 

  41. Zou, C.C.: PCB: Physically Changeable Bit for Preserving Privacy in Low-End RFID Tags. RFID White Paper Library, RFID Journal (May 2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Philips Research Europe, Eindhoven, The Netherlands

    Neil Bird, Claudine Conrado, Jorge Guajardo, Geert-Jan Schrijen, Boris Skoric, Anton M. H. Tombeur & Pim Tuyls

  2. IMAPP, Radboud University Nijmegen, Nijmegen, The Netherlands

    Stefan Maubach

  3. NXP, Gratkorn, Austria

    Peter Thueringer

Authors
  1. Neil Bird
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Claudine Conrado
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Jorge Guajardo
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Stefan Maubach
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Geert-Jan Schrijen
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Boris Skoric
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Anton M. H. Tombeur
    View author publications

    You can also search for this author in PubMed Google Scholar

  8. Peter Thueringer
    View author publications

    You can also search for this author in PubMed Google Scholar

  9. Pim Tuyls
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Frank Stajano Catherine Meadows Srdjan Capkun Tyler Moore

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bird, N. et al. (2007). ALGSICS — Combining Physics and Cryptography to Enhance Security and Privacy in RFID Systems. In: Stajano, F., Meadows, C., Capkun, S., Moore, T. (eds) Security and Privacy in Ad-hoc and Sensor Networks. ESAS 2007. Lecture Notes in Computer Science, vol 4572. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-73275-4_14

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-73275-4_14

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-73274-7

  • Online ISBN: 978-3-540-73275-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation