Abstract
Authentication has an important role in many RFID applications for providing security and privacy. In this paper we focus on investigating how RFID can be used in product authentication in supply chain applications and a review of existing approaches is provided. The different categories of RFID product authentication approaches are analyzed within the context of anticounterfeiting and fields where future research is needed are identified.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Lampe, M., Strassner, M.: The potential of RFID for moveable asset management. In: Workshop on Ubiquitous Commerce at Ubicomp (2003)
NJE Consulting: RFID in waste management (2006). Available from: http://www.nje.ca/Index_RFIDWasteManagement.htm (22.6.2006)
RFID in Japan: Shoe RFID expands. News Article, July 10, 2005 (via Nikkei Ryutsu Shimbun MJ, July 6, 2005). Available from: http://ubiks.net/local/blog/jmt/archives3/ 004067.html (22.5.2006)
RFID Journal: Wal-Mart draws line in the sand. News Article, June 11 (2003). Available from: http://www.rfidjournal.com/article/articleview/462/1/1/ (11.5.2006)
RFID Journal: Can RFID save the cattle industry? Vertical Focus, December 23 (2003). Available from: http://www.rfidjournal.com/article/articleview/1032 (22.5.2006)
RFID Journal: Long-range RFID for access control. News Article, July 8 (2003). Available from: http://www.rfidjournal.com/article/articleview/493/1/1/ (22.6.2006)
International Chamber of Commerce: IP Roadmap 2005: Current and emerging intellectual property issues for business. ICC, Paris (2005) 52. Available from: http://www.iccwbo.org/iproadmap/ (19.5.2006)
Organization for Economic Co-operation and Development (OECD): The Economic Impact of Counterfeiting (1998). Available from: http://www.oecd.org/dataoecd/ 11/11/2090589.pdf (3.5.2006)
U.S. Food and Drug Administration: Combating Counterfeit Drugs - A Report of the Food and Drug Administration, February (2004). Available from: http://www.fda.gov/oc/initiatives/counterfeit/report02_04.html (2.5.2006)
Staake, T., Thiesse, F., Fleisch, E.: Extending the EPC network - the potential of RFID in anti-counterfeiting. In: Proceedings of the 2005 ACM Symposium on Applied Computing (2005) 1607 - 1612
EPCglobal: Class-1 Generation-2 UHF RFID Conformance Requirements Specification v. 1.0.2. EPCglobal public document, February (2005)
RFID Journal: EPC tags subject to phone attacks. News Article, February 24 (2006). Available from: http://www.rfidjournal.com/article/articleview/2167/1/1/ (4.5.2006)
Bono, S., Green, M., Stubblefield, A., Juels, A., Rubin, A., Szydlo, M.: Security analysis of a cryptographically enabled RFID device. Pre-print (2006). Available from: www.rfidanalysis.org (4.5.2006)
RFID Journal: RFID, Privacy and Corporate Data. Feature Article, June 2 (2003). Available from: http://www.rfidjournal.com on subscription basis
Weingart, S.: Physical security devices for computer subsystems: A survey of attacks and defense. In: Koc, C.K., Paar, C., (ed.): Lecture Notes in Computer Science, Vol. 1965. Springer-Verlag, Berlin Heidelberg New York (2000) 302–317
Gilbert, H., Robshaw, M., Sibert, H.: An active attack against HB+ – a provably secure lightweight authentication protocol. Manuscript, July (2005)
Juels, A., Brainard, J.: Soft blocking: Flexible blocker tags on the cheap. In: Vimercati S.de.C., Syverson, P., (ed.): Workshop on Privacy in the Electronic Society – WPES, Washington. ACM, ACM Press October (2004) 1–7
Kang, J., Nyang, D.: RFID authentication protocol with strong resistance against traceability and denial of service attacks. In: Molva, R., Tsudik, G., Westhoff, D. (ed.): European Workshop on Security and Privacy in Ad hoc and Sensor Networks – ESAS”05, Lecture Notes in Computer Science, Vol. 3813. Springer-Verlag, Berlin Heidelberg New York (2005) 164–175
Juels, A.: RFID security and privacy: A research survey. Condensed version to appear in 2006 in the IEEE Journal on Selected Areas in Communication (2005)
Takaragi, K., Usami, M., Imura, R., Itsuki, R., Satoh, T.: An ultra small individual recognition security chip. In: IEEE Micro, November-December (2001)
Koh, R., Schuster, E., Chackrabarti, I., Bellman, A.: Securing the pharmaceutical supply chain. In: White Paper, Auto-ID Labs, Massachusetts Institute of Technology (2003)
Pearson, J.: Securing the pharmaceutical supply chain with RFID and public-key infrastructure (PKI) technologies. Texas Instruments White Paper, June (2005). Available from: http://www.ti.com/rfid/docs/docntr.shtml (28.4.2006)
RFID Journal: Congress weighs drug anti-counterfeiting bill. News Article, March (2005). Available from: http://www.rfidjournal.com/article/articleview/2180/1/1/ (19.5.2006)
Weis, S., Sarma, S., Rivest, R., Engels, D.: Security and privacy aspects of low-cost radio frequency identification systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (ed.): International Conference on Security in Pervasive Computing - SPC 2003, Lecture Notes in Computer Science, Vol. 2802. Springer-Verlag, Berlin Heidelberg New York (2003) 454–469
Henrici, D., Müller, P.: Hash-based enhancement of location privacy for radiofrequency identification devices using varying identifiers. In: Sandhu, R., Thomas, R. (ed.): International Workshop on Pervasive Computing and Communication Security – PerSec (2004)
Avoine, G., Oechslin, P.: A scalable and provably secure hash based RFID protocol. In International Workshop on Pervasive Computing and Communication Security – PerSec, Kauai Island, Hawaii (2005)
Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic approach to “privacy-friendly” tags. In RFID Privacy Workshop, MIT, MA, USA, November (2003)
Lee, S.M., Hwang, Y.J., Lee, D. H., Lim, J.I.: Efficient authentication for low-cost RFID systems. In: Gervasi, O., Gavrilova, M., Kumar, V., Lagana`a, A., Lee, H.P., Mun, Y., Taniar, D., Tan, C.J.K., (ed.): International Conference on Computational Science and its Applications - ICCSA 2005. Lecture Notes in Computer Science, Part I, Volume 3480, Springer-Verlag, Singapore (2005) 619—627
Choi, E.Y., Lee, S.M., Lee, D. H.: Efficient RFID authentication protocol for ubiquitous computing environment. In International Workshop on Security in Ubiquitous Computing Systems – Secubiq. Lecture Notes in Computer Science, Springer-Verlag, Nagasaki, Japan (2005)
Lee, S., Asano, T., Kim, K.: RFID Mutual Authentication Scheme based on Synchronized Secret Information. In Symposium on Cryptography and Information Security, Hiroshima, Japan, January (2006)
Juels, A. Pappu., R.: Squealing Euros: Privacy Protection in RFID-Enabled Banknotes. In: Wright R. (ed.): Financial Cryptography – FC”03. Lecture Notes in Computer Science, Volume 2742, Springer-Verlag, Le Gosier, Guadeloupe, French West Indies, IFCA (2003) 103—121
Zhang, X., King, B.: Integrity Improvements to an RFID Privacy Protection Protocol for Anti-counterfeiting. In: Zhou, J., Lopez, J., Deng, R., Bao, F. (ed.): Information Security Conference – ISC 2005. Lecture Notes in Computer Science, Vol. 3650, Springer-Verlag, Singapore (2005) 74–481
Tsudik, G.: YA-TRAP: Yet another trivial RFID authentication protocol. In International Conference on Pervasive Computing and Communications – PerCom 2006, Pisa, Italy, March (2006)
Molnar, D., Soppera, A., Wagner, D.: A scalable, delegatable, pseudonym protocol enabling ownership transfer of RFID tags. Handout of the Ecrypt Workshop on RFID and Lightweight Crypto, July (2005)
Chatmon, C., Le, T.V., Burmester, M.: Secure anonymous RFID authentication protocols. Technical Report TR-060112, Florida State University, Department of Computer Science, Tallahassee, Florida, USA, (2006)
Juels, A.: Minimalist cryptography for low-cost RFID tag. In Conference on Security in Communication Networks – SCN”04, LNCS, Amalfi, Italia, September (2004) Springer-Verlag
Juels, A.: Strengthening EPC Tags Against Cloning. In: Jakobsson, M., Poovendran, R. (ed.): ACM Workshop on Wireless Security (2005) 67—76
Vajda, I., Buttyán, L.: Lightweight authentication protocols for low-cost RFID tags. Workshop on Security in Ubiquitous Computing (2003)
Juels, A., Weis, S.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.): Advances in Cryptology – CRYPTO”05. Lecture Notes in Computer Science, Vol. 3126, IACR, Springer-Verlag, Santa Barbara, California (2005) 293–308
Hopper, N., Blum, M.: A Secure Human-Computer Authentication Scheme. Tech. Rep. CMU-CS-00–139, Carnegie Mellon University (2000)
Katz, J., Shin, J.S.: Parallel and concurrent security of the HB and HB+ protocols. In Serge Vaudenay, editor, Advances in Cryptology – EUROCRYPT”06, Lecture Notes in Computer Science, IACR, Springer-Verlag, Saint Petersburg, Russia (2006)
Piramuthu, S.: HB and related lightweight authentication protocols for secure RFID tag/reader authentication. In Collaborative Electronic Commerce Technology and Research – CollECTeR 2006, Basel, Switzerland (2006)
Dimitriou, T.: A Secure and Efficient RFID Protocol that could make Big Brother (partially) Obsolete. In International Conference on Pervasive Computing and Communications – PerCom 2006, Pisa, Italy, March (2006)
Dimitriou, T.: A Lightweight RFID Protocol to protect against Traceability and Cloning attacks. In Conference on Security and Privacy for Emerging Areas in Communication Networks – SecureComm, Athens, Greece, September (2005)
Duc, D.N., Park, J., Lee, H., Kim, K.: Enhancing Security of EPCglobal Gen-2 RFID Tag against Traceability and Cloning (2006)
Ranasinghe, D., Engels, D., Cole, P.: Security and privacy: Modest proposals for low-cost RFID systems. In Auto-ID Labs Research Workshop, Zurich, Switzerland (2004)
Lee, J., Lim, D., Gassend, B., Suh, G.E., Dijk, M., Devadas, S.: A Technique to Build a Secret Key in Integrated Circuits for Identification and Authentication Applications. Symposium on VLSI circuits (2004)
Tuyls, P., Batina, L.: RFID-tags for Anti-Counterfeiting. In: Pointcheval, D. (ed.): Topics in Cryptology – CT-RSA – The Cryptographers” Track at the RSA Conference. Lecture Notes in Computer Science, No. 115–131, Springer Verlag, San Jose (2006) 3860
Engberg, S., Harning, M., Damsgaard-Jensen, C.: Zero-knowledge device authentication: Privacy & security enhanced RFID preserving business value and consumer convenience. In Conference on Privacy, Security and Trust – PST, New Brunswick, Canada, October (2004)
Rhee, K., Kwak, J., Kim, S., Won, D.: Challenge-response based RFID authentication protocol for distributed database environment. In: Hutter, D., Ullmann, M. (ed.): International Conference on Security in Pervasive Computing – SPC 2005. Lecture Notes in Computer Science, Vol. 3450, Springer-Verlag, Boppard, Germany (2005) 70–84
Molnar, D., Wagner, D.: Privacy and Security in Library RFID: Issues, Practices, and Architectures. In: Pfitzmann, B., Liu, P. (ed.): Conference on Computer and Communications Security – ACM CCS, pages 210–219, Washington, DC, USA, October (2004)
Gao, X., Xiang, Z., Wang, H., Shen, J., Huang, J., Song, S.: An approach to security and privacy of RFID system for supply chain. IEEE International Conference on E-Commerce Technology for Dynamic E-Business (2004)
Yang, J., Park, J., Lee, H., Ren, K., Kim, K.: Mutual authentication protocol for lowcost RFID. Handout of the Ecrypt Workshop on RFID and Lightweight Crypto, July (2005)
Dominikus, S., Oswald, E., and Feldhofer, M.: Symmetric authentication for RFID systems in practice. ECRYPT Workshop on RFID and Lightweight Crypto, Graz, Austria, July (2005)
Feldhofer, M.: A Proposal for Authentication Protocol in a Security Layer for RFID Smart Tags. Stiftung Secure Information and Communication Technologies SIC (2003)
Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong authentication for RFID systems using the AES algorithm. Workshop on Cryptographic Hardware and Embedded Systems – CHES 2004. Lecture Notes in Computer Science, Vol. 3156, Springer-Verlag (2004) 357–370
Bailey, D., Juels, A.: Shoehorning security into the EPC standard. Manuscript in submission, January (2006)
Nochta, Z., Staake, T., Fleisch, E.: Product Specific Security Features Based on RFID Technology. Saint-w, pp. 72–75, International Symposium on Applications and the Internet Workshops (SAINTW”06) (2006)
Sarma, S.: Towards the 5¢ Tag. White Paper, Auto-ID Center, MIT (2001). Available from: http://www.autoidlabs.org/whitepapers/mit-autoid-wh-006.pdf (5.5.2006)
Sarma, S., Weis, S., Engels, D.: Radio-Frequency Identification: Security Risks and Challenges. In RSA Laboratories Cryptobytes, Vol. 6, No. 1 (2003)
Weis, S.: Security and Privacy in Radio-Frequency Identification Devices. Master”s Thesis, MIT, May (2003)
Yüksel, K.: Universal Hashing for Ultra-Low-Power Cryptographic Hardware Applications. Master”s Thesis, Dept. of Electronical Engineering, WPI, (2004)
Juels, A., Syverson, P., Bailey, D.: High-Power Proxies for Enhancing RFID Privacy and Utility. In Workshop on Privacy Enhancing Technologies (2005)
EPCglobal: 900 MHz Class 0 Radio Frequency (RF) Identification Tag Specification. EPCglobal public document, February (2003)
EPCglobal: Class-1 Generation-2 UHF air interface protocol standard version 1.0.9. EPCglobal public document, January (2005). Available from: http://www.epcglobalinc.org/standards_technology/EPCglobal2UHFRFIDProtocolV 109122005.pdf (8.5.2006)
Alien Technology: EPC Class 1 RFID Tags Datasheet (2005). Available from: http://www.alientechnology.com/products/documents/alien_915mhz_128_bit.pdf (19.5.2006)
Supply Chain Digest: RFID News: Tag Prices Drop, but is it Real? Wal-Mart, Target Push for Sunsetting Class 0 and 1 Tags. News and Views, October 13 (2005). Available from: http://www.scdigest.com/assets/newsviews/05–10–13–2.cfm (19.5.2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Lehtonen, M., Staake, T., Michahelles, F. (2008). From Identification to Authentication – A Review of RFID Product Authentication Techniques. In: Cole, P., Ranasinghe, D. (eds) Networked RFID Systems and Lightweight Cryptography. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71641-9_9
Download citation
DOI: https://doi.org/10.1007/978-3-540-71641-9_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-71640-2
Online ISBN: 978-3-540-71641-9
eBook Packages: Computer ScienceComputer Science (R0)