Minimalist Cryptography for Low-Cost RFID Tags (Extended Abstract)

  • Ari Juels
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3352)


A radio-frequency identification (RFID) tag is a small, inexpensive microchip that emits an identifier in response to a query from a nearby reader. The price of these tags promises to drop to the range of $0.05 per unit in the next several years, offering a viable and powerful replacement for barcodes.

The challenge in providing security for low-cost RFID tags is that they are computationally weak devices, unable to perform even basic symmetric-key cryptographic operations. Security researchers often therefore assume that good privacy protection in RFID tags is unattainable. In this paper, we explore a notion of minimalist cryptography suitable for RFID tags. We consider the type of security obtainable in RFID devices with a small amount of rewritable memory, but very limited computing capability. Our aim is to show that standard cryptography is not necessary as a starting point for improving security of very weak RFID devices. Our contribution is twofold:

  1. 1

    We propose a new security model for authentication and privacy in RFID tags. This model takes into account the natural computational limitations and the likely attack scenarios for RFID tags in real-world settings. It represents a useful divergence from standard cryptographic security modeling, and thus a new basis for practical formalization of minimal security requirements for low-cost RFID-tag security.

  2. 2

    We describe a protocol that provably achieves the properties of authentication and privacy in RFID tags in our proposed model, and in a good practical sense. It involves no computationally intensive cryptographic operations, and relatively little storage.



authentication privacy pseudonyms RFID tags 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Security technology: Where’s the smart money? The Economist, 69–70, February 9 (2002)Google Scholar
  2. 2.
    Prada’s smart tags too clever? Wired News, October 27 (2002)Google Scholar
  3. 3.
    Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)Google Scholar
  4. 4.
    Benetton undecided on use of ‘smart tags’. Associated Press, April 8 (2003)Google Scholar
  5. 5.
    Collins, J.: The cost of Wal-Mart’s RFID edict. RFID Journal, September 10 (2003)Google Scholar
  6. 6.
    Ewatt, D.M., Hayes, M.: Gillette razors get new edge: RFID tags. Information Week January 3 (2003), Referenced at,
  7. 7.
    Fishkin, K.P., Roy, S., Jiang, B.: Some methods for privacy in rfid communication. In: 1st European Workshop on Security in Ad-Hoc and Sensor Networks. Springer, Heidelberg (2004) (to appear) Google Scholar
  8. 8.
    Fishkin, K.P., Wang, M., Borriello, G.: A ubiquitous system for medication monitoring. In: Second International Conference on Pervasive Computing, Springer, Heidelberg (2004)Google Scholar
  9. 9.
    El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31, 469–472 (1985)zbMATHCrossRefGoogle Scholar
  10. 10.
    Garfinkel, S.: An RFID Bill of Rights. Technology Review, 35 (October 2002)Google Scholar
  11. 11.
    Golle, P., Jakobsson, M., Juels, A., Syverson, P.: Universal re-encryption for mixnets. Springer, Heidelberg (2004) (to appear)Google Scholar
  12. 12.
    Juels, A., Brainard, J.: Soft blocking: Flexible blocker tags on the cheap. In: WPES 2004, ACM Press, New York (2004) (to appear)Google Scholar
  13. 13.
    Juels, A., Pappu, R.: Squealing Euros: Privacy protection in RFID-enabled banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  14. 14.
    Juels, A., Rivest, R.L., Szydlo, M.: The blocker tag: Selective blocking of RFID tags for consumer privacy. In: Atluri, V. (ed.) ACM CCS 2003, pp. 103–111. ACM Press, New York (2003)CrossRefGoogle Scholar
  15. 15.
    Auto-ID Labs. 13.56 MHz ISM band class 1 radio frequency identification tag interference specification: Candidate recommendation, version 1.0.0. Technical Report MIT-AUTOID-WH-002, Auto-ID Labs (2003), Referenced at,
  16. 16.
    Ma, L., Xu, Q., Yang, Y.: Organic non-volatile memory by controlling the dynamic copper-ion concentration within the organic layer. Nature (2003) (submitted)Google Scholar
  17. 17.
    McCullagh, D.: RFID tags: Big Brother in small packages. CNet January 13 (2003), Referenced at,
  18. 18.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)CrossRefGoogle Scholar
  19. 19.
    Molnar, D., Wagner, D.: Privacy and security in library RFID: Issues, practices, and architectures. In: ACM CCS 2004, ACM Press, New York (2004) (to appear)Google Scholar
  20. 20.
    Associated Press. Libraries eye RFID to track books: Privacy issues raised as San Francisco plans chips’ use. October 3 (2003)Google Scholar
  21. 21.
    RFID, privacy, and corporate data. RFID Journal June 2 (2003), Feature article. Referenced at on subscription basis
  22. 22.
    Sarma, S.E., Weis, S.A., Engels, D.W.: Radio-frequency-identification security risks and challenges. CryptoBytes 6(1)(2003)Google Scholar
  23. 23.
    Sarma, S.E.: Towards the five-cent tag. Technical Report MIT-AUTOID-WH-006, Auto-ID Labs (2001), Referenced at,
  24. 24.
    Sarma, S.E., Weis, S.A., Engels, D.W.: RFID systems and security and privacy implications. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 454–469. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  25. 25.
    Shim, R.: Benetton to track clothing with ID chips. CNET, March 11 (2003), Referenced at,
  26. 26.
    Stajano, F., Anderson, R.: The resurrecting duckling: Security issues for ad-hoc wireless networks. In: Malcolm, J.A., Christianson, B., Crispo, B., Roe, M. (eds.) Security Protocols 1999. LNCS, vol. 1796, pp. 172–194. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  27. 27.
    Takaragi, K., Usami, M., Imura, R., Itsuki, R., Satoh, T.: An ultra small individual recognition security chip. IEEE Micro 21(6), 43–49 (2001)CrossRefGoogle Scholar
  28. 28.
    Weis, S.A., Sarma, S., Rivest, R., Engels, D.: Security and privacy aspects of low-cost radio frequency identification systems. In: First International Conference on Security in Pervasive Computing (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Ari Juels
    • 1
  1. 1.RSA LaboratoriesBedfordUSA

Personalised recommendations