Information Confinement, Privacy, and Security in RFID Systems

  • Roberto Di Pietro
  • Refik Molva
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4734)


This paper describes an identification and authentication protocol for RFID tags with two contributions aiming at enhancing the security and privacy of RFID based systems. First, we assume that some of the servers storing the information related to the tags can be compromised. In order to protect the tags from potentially malicious servers, we devise a technique that makes RFID identification server-dependent, providing a different unique secret key shared by each pair of tag and server. The proposed solution requires the tag to store only a single secret key, regardless of the number of servers, thus fitting the constraints on tag’s memory. Second, we provide a probabilistic tag identification scheme that requires the server to perform simple bitwise operations, thus speeding up the identification process. The proposed tag identification protocol assures privacy, mutual authentication and resilience to both DoS and replay attacks. Finally, each of the two schemes described in this paper can be independently implemented to enhance the security of existing RFID protocols.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Juels, A.: Rfid security and privacy: A research survey. IEEE Journal on Selected Areas in Communications 24(2), 381–394 (2006)CrossRefMathSciNetGoogle Scholar
  2. 2.
    Tsudik, G.: Ya-trap: Yet another trivial rfid authentication protocol. In: IEEE PerCom Workshops, pp. 640–643. IEEE Computer Society Press, Los Alamitos (2006)Google Scholar
  3. 3.
    Molnar, D., Wagner, D.: Privacy and security in library rfid: issues, practices, and architectures. In: CCS 2004: Proceedings of the 11th ACM conference on Computer and communications security, pp. 210–219. ACM Press, New York (2004)CrossRefGoogle Scholar
  4. 4.
    Rhee, K., Kwak, J., Kim, S., Won, D.: Challenge-response based RFID authentication protocol for distributed database environment. In: Hutter, D., Ullmann, M. (eds.) SPC 2005. LNCS, vol. 3450, pp. 70–84. Springer, Heidelberg (2005)Google Scholar
  5. 5.
    Avoine, G., Dysli, E., Oechslin, P.: Reducing time complexity in RFID systems. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 291–306. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  6. 6.
    Avoine, G., Oechslin, P.: A scalable and provably secure hash based RFID protocol. In: International Workshop on Pervasive Computing and Communication Security – PerSec 2005, Kauai Island, Hawaii, USA, March 2005, pp. 110–114. IEEE, IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
  7. 7.
    Hellman, M.: A cryptanalytic time-memory tradeoff. IEEE Transactions on Information Theory 26, 401–406 (1980)MATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Conti, M., Di Pietro, R., Mancini, L.V., Spognardi, A.: RIPP-FS: an rfid identification, privacy preserving protocol with forward secrecy. In: Proceedings of the 3rd IEEE International Workshop on Pervasive Computing and Communication Security, IEEE Press, Los Alamitos (to appear, 2007)Google Scholar
  9. 9.
    Juels, A., Weis, S.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)Google Scholar
  10. 10.
    Hopper, N.J., Blum, M.: Secure human identification protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  11. 11.
    Gilbert, H., Robshaw, M., Sibert, H.: An active attack against HB+ - a provably secure lightweight authentication protocol. Cryptology ePrint Archive, Report 2005/237 (2005)Google Scholar
  12. 12.
    Bringer, J., Chabanne, H., Emmanuelle, D.: HB + + : a lightweight authentication protocol secure against some attacks. In: IEEE International Conference on Pervasive Services, Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing – SecPerU 2006, Lyon, France, June 2006, IEEE, IEEE Computer Society Press, IEEE International Conference on Pervasive Services (2006)Google Scholar
  13. 13.
    Piramuthu, S.: HB and related lightweight authentication protocols for secure RFID tag/reader authentication. In: Collaborative Electronic Commerce Technology and Research – CollECTeR 2006, Basel, Switzerland (June 2006)Google Scholar
  14. 14.
    Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Chapter 9 - Hash Functions and Data Integrity. In: Handbook of applied cryptography, CRC Press, Boca Raton, USA (1996)Google Scholar
  15. 15.
    Feldhofer, M., Wolkerstorfer, J., Rijmen, V.: Aes implementation on a grain of sand. IEE Proceedings - Information Security 152(1), 13–20 (2005)CrossRefGoogle Scholar
  16. 16.
    Pramstaller, N., Rechberger, C., Rijmen, V.: A compact fpga implementation of the hash function whirlpool. In: FPGA ’06: Proceedings of the 2006 ACM/SIGDA 14th international symposium on Field programmable gate arrays, pp. 159–166. ACM Press, New York (2006)Google Scholar
  17. 17.
    Matsui, M.: Linear cryptanalysis method for des cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Roberto Di Pietro
    • 1
  • Refik Molva
    • 2
  1. 1.Dipartimento di Matematica, Università di Roma Tre, L.go S. Murialdo, 1 - 00146 RomaItaly
  2. 2.Institut Eurécom, 2229, route des crêtes, Sophia-AntipolisFrance

Personalised recommendations