Comprehensive Protection of RFID Traceability Information Systems Using Aggregate Signatures

  • Guillermo Azuara
  • José Luis Salazar
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6694)


This work describes how the use of aggregate signatures can contribute to the comprehensive protection of RFID systems. Following a brief description of a product traceability system based on RFID technology and made secure by the use of aggregate signatures, a review is given of the main security threats to such systems and it is shown how the properties of aggregate signatures can provide comprehensive protection. Throughout the paper the protection measures adopted against the threats described for a real prototype are explained.


RFID Virus Aggregate signatures 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Mitrokotsa, A., Rieback, M.R., Tanenbaum, A.S.: Classifying RFID Attacks and Defenses. Inf. Syst. Front. 12, 491–505 (2010)CrossRefGoogle Scholar
  2. 2.
    Landt, J.: The History of RFID. IEEE Potentials 24, 8–11 (2005)CrossRefGoogle Scholar
  3. 3.
    ISO/IEC Guide, I.S.O.: 99:2007 - International Vocabulary of Metrology – Basic and General Concepts and Associated Terms, VIM (2007)Google Scholar
  4. 4.
    Azuara, G., Salazar, J.L., Tornos, J.L., et al.: Reliable Food Traceability Using RFID Tagging. In: Sion, R., Curtmola, R., Dietrich, S., Kiayias, A., Miret, J.M., Sako, K., Sebé, F. (eds.) RLCPS, WECSR, and WLC 2010. LNCS, vol. 6054, pp. 57–67. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  5. 5.
    Boneh, D., Gentry, C., Lynn, B., et al.: Aggregate and Verifiably Encrypted Signatures from Bilinear Maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 416–432. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Garrido, P., Naranjo, F., Tramullas, J., et al.: Free Traceability Management using RFID and Topic Maps. In: Proceedings of the 4th European Conference on Information Management and Evaluation, pp. 93–103 (2010)Google Scholar
  7. 7.
    López, A.M., Pascual, E., Salinas, A.M., et al.: Design of a RFID Based Traceability System in a Slaughterhause. In: Workshops Proceedings of the 5th International Conference on Intelligent Environments, vol. 4, pp. 67–68 (2009)Google Scholar
  8. 8.
    Avoine, G., Oechslin, P.: RFID traceability: A multilayer problem. In: S. Patrick, A., Yung, M. (eds.) FC 2005. LNCS, vol. 3570, pp. 125–140. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. 9.
    Ayoade, J.: Roadmap to Solving Security and Privacy Concerns in RFID Systems. Computer Law & Security Report 23, 555–561 (2007)CrossRefGoogle Scholar
  10. 10.
    Garfinkel, S.L., Juels, A., Pappu, R.: RFID Privacy: An Overview of Problems and Proposed Solutions. IEEE Security & Privacy 3, 34–43 (2005)CrossRefGoogle Scholar
  11. 11.
    Karygicmnis, A., Phillips, T., Tsibertzopoulos, A.: RFID Security: A Taxonomy of Risk. In: First International Conference on Communications and Networking in China, pp. 1–8 (2006)Google Scholar
  12. 12.
    Rieback, M.: Security and Privacy of Radio Frecuency Identification. Vrije Universiteit, Amsterdam (2008)Google Scholar
  13. 13.
    Karygiannis, A. T., Eydt, B., Barber, G., et al.: Guidelines for Securing Radio Frequency Identification (RFID) Systems. NIST SP - 800-98 (2007) Google Scholar
  14. 14.
    Auto-ID Center: 860MHz – 930 MHz Class 1 Radio Frequency (RF) Identification Tag Radio Frequency & Logical Communication Interface Specification Defines Communications Interface and Protocol, RF, and Tag Requirements (2003)Google Scholar
  15. 15.
    Auto-ID Center: 900 MHz Class 0 Radio Frequency (RF) Identification Tag Specification Communications Interface and Protocol, RF, and Tag Requirements, Operational Algorithms for 900MHz Communications (2003)Google Scholar
  16. 16.
    Auto-ID Center: 13.56 MHz ISM Band Class 1 Radio Frequency (RF) Identification Tag Interface Specification Defines Communications Interface and Protocol, RF, and Tag Requirements (2003)Google Scholar
  17. 17.
    Juels, A., Rivest, R. L., Szydlo, M.: The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy. pp.103-111 (2003)Google Scholar
  18. 18.
    Bolan, C.: The Lazarus Effect: Resurrecting Killed RFID Tags (2006)Google Scholar
  19. 19.
    El-Said, M.M., Woodring, I.: An Empirical Study for Protecting Passive RFID Systems Against Cloning. In: Sixth International Conference on Information Technology: New Generations, pp. 558–563 (2009)Google Scholar
  20. 20.
    Kfir, Z., Wool, A.: Picking Virtual Pockets using Relay Attacks on Contactless Smartcard. In: Security and Privacy for Emerging Areas in Communications Networks, pp. 47–58 (2005)Google Scholar
  21. 21.
    Bolotnyy, L., Robins, G.: Physically Unclonable Function-Based Security and Privacy in RFID Systems. In: Fifth Annual IEEE International Conference on Pervasive Computing and Communications, pp. 211–220 (2007)Google Scholar
  22. 22.
    Devadas, S., Suh, E., Paral, S., et al.: Design and Implementation of PUF-Based “Unclonable” RFID ICs for Anti-Counterfeiting and Security Applications. In: IEEE International Conference on RFID, pp. 58–64 (2008)Google Scholar
  23. 23.
    Jeng, A.B., Chang, L.-C., Wei, T.-E.: Survey and Remedy of the Technologies used for RFID Tags Against Counterfeiting. International Conference on Machine Learning and Cybernetics 5, 2975–2981 (2009)Google Scholar
  24. 24.
    Abawajy, J.: Enhancing RFID Tag Resistance Against Cloning Attack. In: Third International Conference on Network and System Security, pp. 18–23 (2009)Google Scholar
  25. 25.
    Tuyls, P., Batina, L.: RFID-tags for anti-counterfeiting. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 115–131. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  26. 26.
    Juels, A.: Strengthening EPC Tags Against Cloning. In: Proceedings of the 4th ACM Workshop on Wireless Security, pp. 67–76 (2005)Google Scholar
  27. 27.
    Duc, D.N., Park, J., Lee, H., et al.: Enhancing Security of EPCglobal Gen-2 RFID Tag Against Traceability and Cloning (2006)Google Scholar
  28. 28.
    Laurie, A.: Practical Attacks Against RFID. Network Security 2007, 4–7 (2007)CrossRefGoogle Scholar
  29. 29.
    Mirowski, L.T., Hartnett, J.: Deckard: A System to Detect Change of RFID Tag Ownership. IJCSNS International Journal of Computer Science and Network Security 7, 87–98 (2007)Google Scholar
  30. 30.
    Zanetti, D., Fellmann, L., Capkun, S.: Privacy-Preserving Clone Detection for RFID-Enabled Supply Chains. In: IEEE International Conference on RFID 2010, pp. 37–44 (2010)Google Scholar
  31. 31.
    Khor, J.H., Ismail, W., Younis, M.I., et al.: Security Problems in an RFID System. Wireless Pers. Commun. 1(10) (2010)Google Scholar
  32. 32.
    Clarke, J.: Platform-Level Defenses. In: Anonymous SQL Injection Attacks and Defense, pp. 377–413. Syngress, Boston (2009)Google Scholar
  33. 33.
    Clarke, J.: Code-Level Defenses. In: Anonymous SQL Injection Attacks and Defense, pp. 341–376. Syngress, Boston (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Guillermo Azuara
    • 1
  • José Luis Salazar
    • 1
  1. 1.University of ZaragozaZaragozaSpain

Personalised recommendations