Abstract
Low-cost Radio Frequency Identification (RFID) tags affixed to consumer items as smart labels are emerging as one of the most pervasive computing technology in history. This can have huge security implications. The present article surveys the most important technical security challenges of RFID systems. We first provide a brief summary of the most relevant standards related to this technology. Next, we present an overview about the state of the art on RFID security, addressing both the functional aspects and the security risks and threats associated to its use. Finally, we analyze the main security solutions proposed until date.
Chapter PDF
Similar content being viewed by others
References
Avoine, G., Oechslin, P.: A scalable and provably secure hash-based RFID protocol. In: PERSEC 2005, pp. 110–114. IEEE Computer Society Press, Los Alamitos (2005)
Balanis, C.A.: Antenna theory: analysis and design. John Wiley, Chichester (1997)
Biryukov, A., Lano, J., Preneel, B.: Recent attacks on alleged securid and their practical implications. Computers and Security 24(5), 364–370 (2005)
CASPIAN (2005), http://www.nocards.org/
Auto-ID Center. 900 MHz class 0 radio frequency (RF) identification tag specification. Draft (March 2003)
Choi, E.Y., Lee, S.M., Lee, D.H.: Efficient RFID authentication protocol for ubiquitous computing environment. In: RSCTC 2000. LNCS, Springer, Heidelberg (2005)
Dimitriou, T.: A lightweight RFID protocol to protect against traceability and cloning attacks. In: Proc. of SECURECOMM (2005)
GS1 - EAN International (June 2005), http://www.ean-int.org/
EPCglobal (June 2005), http://www.epcglobalinc.org/
Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong authentication for RFID systems using the AES algorithm. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 357–370. Springer, Heidelberg (2004)
Garfinkel, S.: Bill of Rights (October 2002), http://www.technologyreview.com
Golle, P., Jakobsson, M., Juels, A., Syverson, P.F.: Universal re-encryption for mixnets. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 163–178. Springer, Heidelberg (2004)
Gunther, O., Spiekermann, S.: RFID and the perception of control: the consumer’s view. Commun. ACM 48(9), 73–76 (2005)
Henrici, D., Müller, P.: Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers. In: PERSEC 2004, pp. 149–153. IEEE Computer Society Press, Los Alamitos (2004)
ITU page on definitions of ISM bands (September 2005), http://www.itu.int/ITU-R/terrestrial/faq/index.html
Juels, A.: Minimalist cryptography for low-cost RFID tags. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 149–164. Springer, Heidelberg (2005)
Juels, A., Brainard, J.: Soft blocking: Flexible blocker tags on the cheap. In: WPES 2004, pp. 1–7. ACM Press, New York (2004)
Juels, A., Pappu, R.: Squealing euros: Privacy protection in RFID-enabled banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003)
Juels, A., Rivest, R., Szydlo, M.: The blocker tag: Selective blocking of RFID tags for consumer privacy. In: ACM CCS 2003, pp. 103–111. ACM Press, New York (2003)
Juels, A., Weis, S.A.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3126, pp. 293–308. Springer, Heidelberg (2005)
Jung, M., Fiedler, H., Lerch, R.: 8-bit microcontroller system with area efficient AES coprocessor for transponder applications. In: Ecrypt Workshop on RFID and Lightweight Crypto (2005)
Kinoshita, S., Hoshino, F., Komuro, T., Fujimura, A., Ohkubo, M.: Low-cost RFID privacy protection scheme. IPS Journal 45(8), 2007–2021 (2003)
Lee, S.M., Hwang, Y.J., Lee, D.-H., Lim, J.-I.: Efficient Authentication for Low-Cost RFID Systems. In: Gervasi, O., Gavrilova, M.L., Kumar, V., Laganá, A., Lee, H.P., Mun, Y., Taniar, D., Tan, C.J.K. (eds.) ICCSA 2005. LNCS, vol. 3480, pp. 619–627. Springer, Heidelberg (2005)
mCloak for RFID tags (September 2005), http://www.mobilecloak.com/rfidtag/rfid.tag.html
Molnar, D., Soppera, A., Wagner, D.: A scalable, delegatable, pseudonym protocol enabling ownership transfer of RFID tags. In: Ecrypt Workshop on RFID and Lightweight Crypto (July 2005)
Molnar, D., Wagner, D.: Privacy and security in library RFID: Issues, practices, and architectures. In: ACM CCS 2004, pp. 210–219. ACM Press, New York (2004)
Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic approach to “privacy-friendly” tags. In: RFID Privacy Workshop (2003)
Saito, J., Ryou, J.-C., Sakurai, K.: Enhancing privacy of universal re-encryption scheme for RFID tags. In: Yang, L.T., Guo, M., Gao, G.R., Jha, N.K. (eds.) EUC 2004. LNCS, vol. 3207, pp. 879–890. Springer, Heidelberg (2004)
Sean, W., Thomas, L.: Automatic identification and data collection technologies in the transportation industry: BarCode and RFID. Technical report (2001)
Vajda, I., Buttyán, L.: Lightweight authentication protocols for low-cost RFID tags. In: UBICOMP 2003 (2003)
Weis, S.: Security parallels between people and pervasive devices. In: PERSEC 2005, pp. 105–109. IEEE Computer Society Press, Los Alamitos (2005)
Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 201–212. Springer, Heidelberg (2004)
Weiser, M.: The computer for the 21st century. Scientific American 265(3), 94–104 (1991)
Yang, J., Park, J., Lee, H., Ren, K., Kim, K.: Mutual authentication protocol for low-cost RFID. In: Ecrypt Workshop on RFID and Lightweight Crypto (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A. (2006). RFID Systems: A Survey on Security Threats and Proposed Solutions. In: Cuenca, P., Orozco-Barbosa, L. (eds) Personal Wireless Communications. PWC 2006. Lecture Notes in Computer Science, vol 4217. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11872153_14
Download citation
DOI: https://doi.org/10.1007/11872153_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-45174-7
Online ISBN: 978-3-540-45176-1
eBook Packages: Computer ScienceComputer Science (R0)