Dynamic Key-Updating: Privacy-Preserving Authentication for RFID Systems
- 1 March 2007
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
- Vol. 2012, 13-22
- https://doi.org/10.1109/percom.2007.13
Abstract
The objective of private authentication for radio frequency identification (RFID) systems is to allow valid readers to explicitly authenticate their dominated tags without leaking tags' private information. To achieve this goal, RFID tags issue encrypted authentication messages to the RFID reader, and the reader searches the key space to locate the tags. Due to the lack of efficient key updating algorithms, previous schemes are vulnerable to many active attacks, especially the compromising attack. In this paper, we propose a strong and lightweight RFID private authentication protocol, SPA. By designing a novel key updating method, we achieve the forward secrecy in SPA with an efficient key search algorithm. We also show that, compared with existing designs, SPA is able to effectively defend against both passive and active attacks, including compromising attacks. Through prototype implementation, we observe that SPA is practical and scalable in current RFID infrastructuresKeywords
This publication has 6 references indexed in Scilit:
- A Secure and Efficient RFID Protocol that could make Big Brother (partially) ObsoletePublished by Institute of Electrical and Electronics Engineers (IEEE) ,2006
- A Lightweight RFID Protocol to protect against Traceability and Cloning attacksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2006
- RFID security and privacy: a research surveyIEEE Journal on Selected Areas in Communications, 2006
- Privacy and security in library RFIDPublished by Association for Computing Machinery (ACM) ,2004
- LANDMARC: indoor location sensing using active RFIDPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2004
- A cryptanalytic time-memory trade-offIEEE Transactions on Information Theory, 1980