Shoehorning Security into the EPC Tag Standard

  • Daniel V. Bailey
  • Ari Juels
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4116)


The EPCglobal Class-1 Generation-2 UHF tag standard is certain to become the de facto worldwide specification for inexpensive RFID tags. Because of its sharp focus on simple “license plate” tags, it supports only the most rudimentary of security and privacy features, and essentially none of the cryptographic techniques that underpin authentication and privacy-protection in higher-powered computational devices. To support more-sophisticated applications, the drafters of this standard envisioned the re-use of the basic air interface and command set in higher-class standards. We propose ways to incorporate mainstream cryptographic functionality into the Class-1 Gen-2 standard. Our techniques circumvene the intended modes of operation of the standard, but adhere closely enough to preserve formal compliance. For this reason, we use the term shoehorning to describe our layering of new security functionality on the standard.


authentication cloning counterfeiting EPC PIN RFID 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    ECRYPT (European network for excellence in cryptology) stream cipher project Web page (2006), Referenced 2006 at:
  2. 2.
    Arbaugh, W.A., Shankar, N., Justin Wan, Y.C.: Your 802.11 wireless network has no clothes (2006), Referenced 2006 at:
  3. 3.
    Avoine, G., Dysli, E., Oechslin, P.: Reducing time complexity in RFID systems. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 291–306. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  4. 4.
    Bono, S., Green, M., Stubblefield, A., Juels, A., Rubin, A., Szydlo, M.: Security analysis of a cryptographically-enabled RFID device. In: McDaniel, P. (ed.) 14th USENIX Security Symposium, USENIX, pp. 1–16 (2005), Dedicated Web site at:
  5. 5.
    Collins, J.: Ge uses RFID to secure cargo. RFID Journal. (January 12, 2005), Referenced 2006 at:
  6. 6.
    Dierks, T., Allen, C.: The TLS protocol version 1.0 (2006) Referenced 2006 at:
  7. 7.
    Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong authentication for RFID systems using the AES algorithm. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 357–370. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  8. 8.
    Fishkin, K.P., Roy, S., Jiang, B.: Some methods for privacy in RFID communication. In: Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D. (eds.) ESAS 2004. LNCS, vol. 3313, pp. 42–53. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  9. 9.
    Golle, P., Jakobsson, M., Juels, A., Syverson, P.F.: Universal re-encryption for mixnets. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 163–178. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  10. 10.
    IEEE. IEEE 802.11-1999, IEEE standard for information technology–telecommunications and information exchange between system–local and metropolitan area networks specific requirements–part 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications (1999)Google Scholar
  11. 11.
    IEEE. IEEE 802.11i-2004, amendment to IEEE std 802.11, 1999 edition (reaff 2003). IEEE standard for information technology–telecommunications and information exchange between system–local and metropolitan area networks specific requirements–part 11: Wireless LAN medium access control (MAC) and physical layer (PHY) specifications–amendment 6: Medium access control (MAC) security enhancements. Referenced 2006 at:
  12. 12.
    EPCglobal Inc. Class 1 generation 2 UHF air interface protocol standard version 1.0.9. Referenced 2006 at:
  13. 13.
    EPCglobal Inc. Class 1 generation 2 UHF RFID conformance requirements version 1.0.2. Referenced 2006 at:
  14. 14.
    ISO. Identification cards – contactless integrated circuit(s) cards – proximity cards – part 4: Transmission protocol. Referenced 2006 at:
  15. 15.
    ISO. Identification cards – integrated circuit cards – part 4: Organization, security and commands for interchange. Referenced 2006 at:
  16. 16.
    Juels, A.: Minimalist cryptography for low-cost RFID tags (extended abstract). In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 149–164. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  17. 17.
    Juels, A.: ‘Yoking-proofs’ for RFID tags. In: Sandhu, R., Thomas, R. (eds.) Workshop on Pervasive Computing and Communications Security – PerSec 2004, pp. 138–143. IEEE Computer Society Press, Los Alamitos (2004)CrossRefGoogle Scholar
  18. 18.
    Juels, A.: Strengthing EPC tags against cloning. In: ACM Workshop on Wireless Security (WiSe), pp. 67–76. ACM Press, New York (2005)CrossRefGoogle Scholar
  19. 19.
    Juels, A.: RFID security and privacy: A research survey. J-SAC (to appear, 2006), Online version referenced 2005 at:
  20. 20.
    Juels, A., Rivest, R.L., Szydlo, M.: The blocker tag: Selective blocking of RFID tags for consumer privacy. In: Atluri, V. (ed.) 8th ACM Conference on Computer and Communications Security, pp. 103–111. ACM Press, New York (2003)CrossRefGoogle Scholar
  21. 21.
    Juels, A., Syverson, P.F., Bailey, D.: High-power proxies for enhancing RFID privacy and utility. In: Danezis, G., Martin, D. (eds.) PET 2005. LNCS, vol. 3856, pp. 210–226. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  22. 22.
    Juels, A., Weis, S.A.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)Google Scholar
  23. 23.
    Karjoth, G., Moskowitz, P.: Disabling RFID tags with visible confirmation: Clipped tags are silenced (short paper). In: De Capitani di Vimercati, S., Dingledine, R. (eds.) Workshop on Privacy in the Electronic Society (WPES) (2005)Google Scholar
  24. 24.
    Molnar, D., Soppera, A., Wagner, D.: Privacy for RFID through trusted computing (short paper). In: De Capitani di Vimercati, S., Dingledine, R. (eds.) Workshop on Privacy in the Electronic Society (WPES) (2005)Google Scholar
  25. 25.
    Molnar, D., Wagner, D.: Privacy and security in library RFID: Issues, practices, and architectures. In: Pfitzmann, B., McDaniel, P. (eds.) ACM Conference on Communications and Computer Security, pp. 210–219. ACM Press, New York (2004)Google Scholar
  26. 26.
    Ohkubo, M., Suzuki, K., Kinoshita, S.: Efficient hash-chain based RFID privacy protection scheme. In: International Conference on Ubiquitous Computing – Ubicomp, Workshop Privacy: Current Status and Future Directions (2004)Google Scholar
  27. 27.
    Pappu, R., Recht, B., Taylor, J., Gershenfeld, N.: Physical one-way functions. Science 297, 2026–2030 (2002)CrossRefGoogle Scholar
  28. 28.
    Rieback, M.R., Crispo, B., Tanenbaum, A.S.: RFID guardian: A battery-powered mobile device for RFID privacy management. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 184–194. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  29. 29.
    Staake, T., Thiesse, F., Fleisch, E.: Extending the EPC network – the potential of RFID in anti-counterfeiting. In: ACM Symposium on Applied Computing, pp. 1607–1612. ACM Press, New York (2005)CrossRefGoogle Scholar
  30. 30.
    Tuyls, P., Batina, L.: RFID-tags for anti-counterfeiting. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 115–131. Springer, Heidelberg (to appear, 2006)CrossRefGoogle Scholar
  31. 31.
    Vajda, I., Buttyán, L.: Lightweight authentication protocols for low-cost RFID tags. In: Workshop on Security in Ubiquitous Computing – Ubicomp 2003 (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Daniel V. Bailey
    • 1
  • Ari Juels
    • 1
  1. 1.RSA LaboratoriesBedfordUSA

Personalised recommendations