An Anti-Counterfeiting RFID Privacy Protection Protocol

The privacy problem of many RFID systems has been extensively studied.Yet integrity in RFID has not received much attention as regularcomputer systems. When we evaluate an identification protocol for an RFIDsystem for anti-counterfeiting, it is important to consider integrityissues. Moreover, many RFID systems are accessed by multiple level trustparties, which makes comprehensive integrity protection even harder. Inthis paper, we first propose an integrity model for RFID protocols.Then we use the model to analyze the integrity problems in Squealing Eurosprotocol. Squealing Euros was proposed by Juelsand Pappu for RFID enabled banknotes that will support anti-forgery andlawful tracing yet preserve individual's privacy. We analyze itsintegrity, we then discuss the problems that arise and propose somesolutions to these problems. Then an improved protocol with integrityprotection for the law enforcement is constructed, which includes anunforgeable binding between the banknote serial number and the RFciphertext only readable to law enforcement. This same protocol can beapplied in many other applications which require a privacy protectinganti-counterfeiting mechanism.