Enabling Secure Secret Updating for Unidirectional Key Distribution in RFID-Enabled Supply Chains

  • Shaoying Cai
  • Tieyan Li
  • Changshe Ma
  • Yingjiu Li
  • Robert H. Deng
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5927)

Abstract

In USENIX Security 08, Juels, Pappu and Parno proposed a secret sharing based mechanism to alleviate the key distribution problem in RFID-enabled supply chains. Compared to existing pseudonym based RFID protocols, the secret sharing based solution is more suitable for RFID-enabled supply chains since it does not require a database of keys be distributed among supply chain parties for secure ownership transfer of RFID tags. However, this mechanism cannot resist tag tracking and tag counterfeiting attacks in supply chain systems. It is also not convenient for downstream supply chain parties to adjust the size of RFID tag collections in recovering tag keys. To address these problems, we propose a flexible and secure secret update protocol which enables each supply chain party to update tag keys in a secure and efficient manner. Our proposal enhances the previous secret sharing based mechanism in that it not only solves the flexibility problem in unidirectional key distribution, but also ensures the security for ownership transfer of tags in RFID-enabled supply chains.

Keywords

Supply Chain Secret Sharing Authentication Protocol Secret Sharing Scheme Memory Bank 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Cai, S., Li, T., Ma, C., Li, Y., Deng, R.: Enabling secure secret updating for unidirectional key distribution in rfid-enabled supply chains, http://icsd.i2r.a-star.edu.sg/staff/tieyan/SecureRFID/docs/ICICS09-full.pdf
  2. 2.
    EPCglobal. EPC radio-frequency identity protocols class-1 generation-2 UHF RFID protocol for communications at 860 MHz-960 MHz, version 1.2.0. (October 2008)Google Scholar
  3. 3.
    Fishkin, K., Roy, S., Jiang, B.: Some Methods for Privacy in RFID Communication. In: Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D. (eds.) ESAS 2004. LNCS, vol. 3313, pp. 42–53. Springer, Heidelberg (2005)Google Scholar
  4. 4.
    Juels, A., Pappu, R., Parno, B.: Unidirectional key distribution across time and space with applications to rfid security. In: 17th USENIX Security Symposium, pp. 75–90 (2008)Google Scholar
  5. 5.
    Juels, A.: RFID Security and Privacy: A Research Survey. IEEE Journal on Selected Areas in Communications 24(2), 381–394 (2006)CrossRefMathSciNetGoogle Scholar
  6. 6.
    Juels, A., Rivest, R., Szydlo, M.: The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy. In: Conference on Computer and Communications Security – ACM CCS 2003, October 2003, pp. 103–111 (2003)Google Scholar
  7. 7.
    Karjoth, G., Moskowitz, P.: Disabling RFID Tags with Visible Confirmation: Clipped Tags Are Silenced. In: Workshop on Privacy in the Electronic Society – WPES 2005 (November 2005)Google Scholar
  8. 8.
    Langheinrich, M., Marti, R.: Practical Minimalist Cryptography for RFID Privacy. IEEE Systems Journal, Special Issue on RFID Technology 1(2), 115–128 (2007)Google Scholar
  9. 9.
    Langheinrich, M., Marti, R.: Rfid privacy using spatially distributed shared secrets. In: Ichikawa, H., Cho, W.-D., Satoh, I., Youn, H.Y. (eds.) UCS 2007. LNCS, vol. 4836, pp. 1–16. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  10. 10.
    Li, Y., Ding, X.: Protecting RFID Communications in Supply Chains. In: Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security ASIACCS 2007, Singapore, pp. 234–241 (2007)Google Scholar
  11. 11.
    Molnar, D., Wagner, D.: Privacy and Security in Library RFID: Issues, Practices, and Architectures. In: Conference on Computer and Communications Security – ACM CCS 2004, October 2004, pp. 210–219 (2004)Google Scholar
  12. 12.
    Ohkubo, M., Suzuki, K., Kinoshita, S.: Efficient Hash-Chain Based RFID Privacy Protection Scheme. In: International Conference on Ubiquitous Computing – Ubicomp 2004 (September 2004)Google Scholar
  13. 13.
    Reed, I.S., Solomon, G.: Polynomial codes over certain finite fields. Journal SIAM 8, 300–304 (1960)MATHMathSciNetGoogle Scholar
  14. 14.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MATHCrossRefMathSciNetGoogle Scholar
  15. 15.
    Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 201–212. Springer, Heidelberg (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Shaoying Cai
    • 1
  • Tieyan Li
    • 2
  • Changshe Ma
    • 1
  • Yingjiu Li
    • 1
  • Robert H. Deng
    • 1
  1. 1.School of Information SystemsSingapore Management University 
  2. 2.Institute for Infocomm Research, A*STARSingapore

Personalised recommendations