Distributed Path Authentication for Dynamic RFID-Enabled Supply Chains

  • Shaoying Cai
  • Yingjiu Li
  • Yunlei Zhao
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 376)


In this paper, we propose a distributed path authentication solution for dynamic RFID-enabled supply chains to address the counterfeiting problem. Compared to existing general anti-counterfeiting solutions, our solution requires non sharing of item-level RFID information among supply chain parties, thus eliminating the requirement on high network bandwidth and fine-grained access control. Our solution is secure, privacy-preserving, and practical. It leverages on the standard EPCglobal network to share information about paths and parties in path authentication. Our solution can be implemented on standard EPC class 1 generation 2 tags with only 720 bits storage and no computational capability.


Supply Chain Secret Sharing Scheme Communication Load Path Code Multisignature Scheme 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
  2. 2.
  3. 3.
  4. 4.
  5. 5.
  6. 6.
    ICC Commercial Crime Services. Counterfeiting intelligence bureau (2011),
  7. 7.
    Ó hÉigeartaigh, C.: Pairing computation on hyperelliptic curves of genus 2. PhD thesis, Dublin City University (2006)Google Scholar
  8. 8.
    Ateniese, G., Camenisch, J., Medeiros, B.D.: Untraceable RFID tags via insubvertible encryption. In: CCS, New York, USA, pp. 92–101 (2005)Google Scholar
  9. 9.
    Blass, E.O., Elkhiyaoui, K., Molva, R.: Tracker: Security and privacy for RFID-based supply chains. Cryptology ePrint Archive, Report 2010/219 (2010)Google Scholar
  10. 10.
    Blass, E.O., Elkhiyaoui, K., Molva, R.: Tracker: security and privacy for RFID-based supply chains. In: NDSS, San Diego, California, USA (2011)Google Scholar
  11. 11.
    Boldyreva, A., Gentry, C., O’Neill, A., Yum, D.H.: Ordered multisignatures and identity-based sequential aggregate signatures, with applications to secure routing. In: CCS, New York, NY, USA, pp. 276–285 (2007)Google Scholar
  12. 12.
    Boneh, D., Gentry, C., Lynn, B., Shacham, H.: A survey of two signature aggregation techniques. CryptoBytes 6(2) (2003)Google Scholar
  13. 13.
    Boneh, D., Lynn, B., Shacham, H.: Short Signatures from the Weil Pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Cai, S., Li, Y., Li, T., Deng, R.H.: Attacks and improvements to an rifd mutual authentication protocol and its extensions. In: WISEC, Zurich, Switzerland, pp. 51–58 (2009)Google Scholar
  15. 15.
    Dolev, D., Yao, A.C.: On the security of public key protocols. Technical report, Stanford, CA, USA (1981)Google Scholar
  16. 16.
    Gattorna, J.: Living Supply Chains. Pearson Education (2006)Google Scholar
  17. 17.
    Golle, P., Jakobsson, M., Juels, A., Syverson, P.: Universal re-encryption for mixnets. In: CT–RSA, San Francisco, California, USA, pp. 163–178 (2004)Google Scholar
  18. 18.
    Juels, A.: Minimalist Minimalist Cryptography for Low-Cost RFID Tags (Extended Abstract). In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 149–164. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  19. 19.
    Juels, A., Pappu, R., Parno, B.: Unidirectional Key Distribution Across Time and Space with Applications to RFID Security. In: USENIX, San Jose, California, USA, pp. 75–90 (2008)Google Scholar
  20. 20.
    Krawczyk, H., Bellare, M., Canetti, R.: RFC2104 - HMAC:Keyed-Hashing for Message Authentication. RFC Editor (1997)Google Scholar
  21. 21.
    Langheinrich, M., Marti, R.: Practical Minimalist Cryptography for RFID Privacy. IEEE Systems Journal, Special Issue on RFID Technology 1(2), 115–128 (2007)Google Scholar
  22. 22.
    Langheinrich, M., Marti, R.: RFID Privacy Using Spatially Distributed Shared Secrets. In: Ichikawa, H., Cho, W.-D., Satoh, I., Youn, H.Y. (eds.) UCS 2007. LNCS, vol. 4836, pp. 1–16. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  23. 23.
    Li, Y., Ding, X.: Protecting rfid communications in supply chains. In: ASIACCS, New York, NY, USA, pp. 234–241 (2007)Google Scholar
  24. 24.
    Molnar, D., Wagner, D.: Privacy and Security in Library RFID: Issues, Practices, and Architectures. In: CCS, Washington, DC, USA, pp. 210–219 (2004)Google Scholar
  25. 25.
    Noubir, G., Vijayan, K., Nussbaumer, H.J.: Signature-based method for run-time fault detection in communication protocols. Computer Communications 21, 21–25 (1998)CrossRefGoogle Scholar
  26. 26.
    Reed, I.S., Solomon, G.: Polynomial codes Over Certain Finite Fields. Journal of the Society for Industrial and Applied Mathematics 8(2), 300–304 (1960)MathSciNetzbMATHCrossRefGoogle Scholar
  27. 27.
    Schneier, B.: Description of a new variable-length key, 64-bit block cipher (blowfish). In: Fast Software Encryption, Cambridge Security Workshop, London, UK, pp. 191–204 (1994)Google Scholar
  28. 28.
    Shamir, A.: How to share a secret. Commun. ACM 22(11), 612–613 (1979)MathSciNetzbMATHCrossRefGoogle Scholar
  29. 29.
    Song, B., Mitchell, C.J.: RFID Authentication Protocol for Low-cost Tags. In: WISEC, Alexandria, Virginia, USA, pp. 140–147 (2008)Google Scholar
  30. 30.
    Zanetti, D., Fellmann, L., Capkun, S.: Privacy-preserving Clone Detection for RFID-enabled Supply Chains. In: IEEE RFID, Orlando, Florida, USA, pp. 37–44 (2010)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Shaoying Cai
    • 1
  • Yingjiu Li
    • 1
  • Yunlei Zhao
    • 2
  1. 1.Singapore Management UniversitySingapore
  2. 2.Fudan UniversityShanghaiChina

Personalised recommendations