PEM4RFID: Privacy Enhancement Model for RFID Systems

  • Guangquan XuEmail author
  • Yuanyuan Ren
  • Bin Liu
  • Gaoxu Zhang
  • Xiaohong Li
  • Zhiyong Feng
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9530)


With the wider application of radio frequency identification (RFID) technology in various vital systems, more and more privacy threats and security flaws have been emerging. Traditional RFID systems only focus attention on foundational implementation, which lacks privacy protection and effective identity authentication. To solve the privacy protection problem of RFID systems,this paper proposes PEM4RFID privacy enhancement model FOR RFID: a “2 + 2” identity authentication mechanism, which includes a two-factor authentication protocol (TFAP) based on “two-way authentication”. Our TFAP adopts “hardware information + AES-ECC encryption” method, and while the “two-way authentication” is based on improved combined public key (CPK). Case study shows that our proposed PEM4RFID has characteristics of untraceability and nonrepeatability of instructions, which realizes a good trade-off between privacy and security in RFID systems.


Privacy enhancement model (PEM) Radio frequency identification (RFID) Combined public key (CPK) Two-Factor authentication protocol (TFAP) Two-way authentication 



This work is supported by the National Natural Science Foundation of China (No. 61340039, 61572355, 61572349) and 985 funds of Tianjin University, Tianjin Research Program of Application Foundation and Advanced Technology under grant No. 15JCYBJC15700 and No. 14JCTPJC00517.


  1. 1.
    Roberts, C.M.: Radio frequency identification (RFID). Comput. Secur. 26, 18–26 (2006)CrossRefGoogle Scholar
  2. 2.
    Want, R.: An introduction to RFID technology. IEEE Pervasive Comput. 5, 25–33 (2006)CrossRefGoogle Scholar
  3. 3.
    Miri, A.: Information science reference-imprint: advanced security and privacy for RFID technologies. In: America, p. 342. IGI Global, Hershey (2013)Google Scholar
  4. 4.
    Wang, J.S.: Provable security lightweight service—less RFID security search protocol. J. Hunan Univ. 41, 117–124 (2013)Google Scholar
  5. 5.
    Diffie, W., Hellman, M.E.: New directions in cryptography. IEEE Trans. Inf. Theory 22, 644–654 (1976)MathSciNetCrossRefzbMATHGoogle Scholar
  6. 6.
    Rivest, R., Shamir, A., Adleman, M.: A method for obtaining digital signatures and public-key cryptosystems. Commun. ACM 21, 120–126 (1978)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Miller, V.S.: Use of elliptic curves in cryptography. In: Williams, H.C. (ed.) CRYPTO 1985. LNCS, vol. 218, pp. 417–426. Springer, Heidelberg (1986)Google Scholar
  8. 8.
    Koblitz, N.: Elliptic curve cryptosystems. Math. Comput. 48, 203–209 (1987)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Zhang, X.A.: Research of elliptic curve cryptosystems. Commun. Technol. 5, 208–209, 212 (2009)Google Scholar
  10. 10.
    Peng, D.L., Li, C., Huo, H.: Computer science and information technology: an extended username token-based approach for REST-style web service security authentication. In: Proceedings of IEEE Computer Science and Information Technology Conference, America, pp. 582–586. IEEE (2009)Google Scholar
  11. 11.
    Boneh, D., Franklin, M.: Identity based encryption from weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)Google Scholar
  12. 12.
    Nan, X.H.: CPK algorithm and identity authentication. China Inf. Secur. 28, 12–16 (2006)Google Scholar
  13. 13.
    Nan, X.H.: Identity authentication based on CPK, pp. 57–58. National Defense Industry Press, Beijing (2006)Google Scholar
  14. 14.
    Chen, H.P.: Description of CPK several issues. China Inf. Secur. 29, 47–49 (2007)Google Scholar
  15. 15.
    Jurisic, A., Menezes, A.: Elliptic curves and cryptography. Dr. Dobb’s J. 26–36 (1997)Google Scholar
  16. 16.
    Nan, X.H.: CPK combined public key cryptosystem v6.0. Netw. Comput. Secur. 97(7), 2–4 (2011)Google Scholar
  17. 17.
    Nan, X.H.: CPK combined public key cryptosystem v7.0. Netw. Comput. Secur. 113, 4–6 (2012)Google Scholar
  18. 18.
    Nan, X.H.: CPK combined public key cryptosystem v8.0. China Inf. Secur. 206, 12–16 (2012)Google Scholar
  19. 19.
    Nan, X.H., Chen, H.P.: Combined public key system standard. China Inf. Secur. 30, 21–22 (2008)Google Scholar
  20. 20.
    Johnson, D., Menezes, A.: The elliptic curve digital signature algorithm (ECDSA). Technical report CORR, pp. 99–34, (1999).

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Guangquan Xu
    • 1
    Email author
  • Yuanyuan Ren
    • 1
  • Bin Liu
    • 1
  • Gaoxu Zhang
    • 1
  • Xiaohong Li
    • 1
  • Zhiyong Feng
    • 1
  1. 1.School of Computer Science and TechnologyTianjin UniversityTianjinChina

Personalised recommendations