• Articles • Previous Articles     Next Articles

An Anti-Counterfeiting RFID Privacy Protection Protocol

Xiaolan Zhang1 and Brian King2   

  1. 1Department of Electrical and Computer Engineering, University of Illinois, U.S.A. 2Department of Electrical and Computer Engineering, Indiana University Purdue University Indianapolis, U.S.A.
  • Received:2005-10-27 Revised:2006-12-21 Online:2007-05-10 Published:2007-05-10

The privacy problem of many RFID systems has been extensively studied. Yet integrity in RFID has not received much attention as regular computer systems. When we evaluate an identification protocol for an RFID system for anti-counterfeiting, it is important to consider integrity issues. Moreover, many RFID systems are accessed by multiple level trust parties, which makes comprehensive integrity protection even harder. In this paper, we first propose an integrity model for RFID protocols. Then we use the model to analyze the integrity problems in Squealing Euros protocol. Squealing Euros was proposed by Juels and Pappu for RFID enabled banknotes that will support anti-forgery and lawful tracing yet preserve individual's privacy. We analyze its integrity, we then discuss the problems that arise and propose some solutions to these problems. Then an improved protocol with integrity protection for the law enforcement is constructed, which includes an unforgeable binding between the banknote serial number and the RF ciphertext only readable to law enforcement. This same protocol can be applied in many other applications which require a privacy protecting anti-counterfeiting mechanism.

Key words: protocol performance testing; extended concurrent TTCN; operational semantics; IOLTS;

[1] RFID Technology and EPC in Retail. Symbol Technologies, Inc, 2004.

[2] Wal-Mart details RFID requirement. -\it RFID Journal}, 2003.

[3] Gillette confirms RFID purchase. -\it RFID Journal}, 2003.

[4] Staake T, Thiesse F, Fleisch E. Extending the EPC network --- The potential of RFID in anti-counterfeiting. In -\it Proc. 2005 ACM Symp. Applied Computing}, ACM Press, Santa Fe, USA, 2005, pp.1607$\sim$1612.

[5] Yoshida J. Euro bank notes to embed RFID chips by 2005. -\it EE Times}, 2001.

[6] Harris G. Tiny antennas to keep tabs on U.S. drugs. -\it New York Times}, 2004.

[7] Kanellos M. E-passports to put new face on old documents. CNET News.Com, 2004, http://news.zdnet.com/2100-9584\_22-5313650.html.

[8] Juels A, Pappu R. Squealing euros: Privacy-protection in RFID-enabled banknotes. In -\it Proc. Financial Cryptography}, Gosier, Guadeloupe, FWI, -\it LNCS} 2742, Springer-Verlag, 2003, pp.103$\sim$121.

[9] Biannual Information on the Counterfeiting of the Euro. ECB Press. 2004.

[10] Baard M. Watchdogs push for RFID laws. -\it Wired News}, 2004.

[11] Sarma S E, Weis S A, Engels D W. RFID systems and security and privacy implications. In -\it Proc. Workshop on Cryptographic Hardware and Embedded Systems}, San Franciso Bay, USA, -\it LNCS 2523}, 2002, pp.454$\sim$470.

[12] Avoine G, Oechslin P. A scalable and provably secure hash based RFID protocol. In -\it Proc. The 2nd IEEE Int. Workshop on Pervasive Computing and Communication Security}, Kauai Island, Hawaii, USA, IEEE Computer Society Press, 2005, pp.110$\sim$114.

[13] Juels A. Strengthening EPC tags against cloning. In -\it Proc. the 4th ACM Workshop on Wireless Security}, New York City, USA, ACM Press, 2005, pp.67$\sim$76.

[14] Juels A. Minimalist cryptography for low-cost RFID tags. In -\it Proc. The Fourth International Conf. Security in Communication Network,} Amalfi, Italy, -\it LNCS} 3352, Springer-Verlag, 2004, pp.149$\sim$164.

[15] Ranasinghe D, Engels D, Cole P. Low-cost RFID systems: Confronting security and privacy. In -\it Proc. Auto-ID Labs Research Workshop}, Zurich, Switzerland, 2004.

[16] Feldhofer M. A proposal for authentication protocol in a security layer for RFID smart tags. In -\it The 12th IEEE Mediterranean Electrotechnical Conf.}, 2004, 2: 759$\sim$762.

[17] Feldhofer M, Dominikus S, Wolkerstorfer J. Strong authentication for RFID systems using the AES algorithm. In -\it Proc. Workshop on Cryptographic Hardware and Embedded Systems}, Joye M, Quisquater J J (eds.), Cambridge, MA, USA, -\it LNCS} 3156, Springer-Verlag, 2004, pp.357$\sim$370.

[18] Ohkubo M, Suzuki K, Kinoshita S. Cryptographic approach to ``privacy-friendly'' tags. In -\it Proc. RFID Privacy Workshop}, MIT, MA, USA, 2003.

[19] Avoine G, Oechslin P. RFID traceability: A multilayer problem. In -\it Proc. Financial Cryptography}, Roseau, Dominica, -\it LNCS} 3570, Springer-Verlag, 2005, pp.125$\sim$140.

[20] Juels A, Rivest R L, Szydlo M. The blocker tag: Selective blocking of RFID tags for consumer privacy. In -\it Proc. the 10th ACM Conf. Computer and Communication Security}, ACM Press, 2003, pp.103$\sim$111.

[21] 860MHz--930MHz class I radio frequency identification tag: Radio frequency and logical communication interface specification. Technical Report MIT-AUTOID-TR-007, Auto-ID Center, 2002.

[22] Engberg S, Harning M, Damsgaard Jensen C. Zero-knowledge device authentication: Privacy and security enhanced RFID preserving business value and consumer convenience. In -\it Proc. The Second Annual Conference on Privacy, Security and Trust}, New Brunswick, Canada, 2004, 89$\sim$101.

[23] Molnar D, Wagner D. Privacy and security in library RFID: Issues, practices, and architectures. In -\it Proc. Conference on Computer and Communications Security}, Washington DC, USA, ACM Press, 2004, pp.210$\sim$219.

[24] Atmel e5561 data sheet. Atmel Corporation. 2003.

[25] Atmel T5557 data sheet. Atmel Corporation. 2003.

[26] Atmel T5552 data sheet. Atmel Corporation. 2003.

[27] Fujisaki E, Okamoto T. Secure integration of asymmetric and symmetric encryption schemes. In -\it Proc. CRYPTO'99}, Santa Barbara, USA, -\it LNCS} 1666, Springer-Verlag, 1999, pp.537$\sim$554.

[28] Avoine G. Privacy issues in RFID banknote protection schemes. In -\it Proc. The 6th International Conference on Smart Card Research and Advanced Applications}, Toulouse, France, Kluwer, 2004, pp.33$\sim$48.

[29] Blake I, Seroussi G, Smart N. Elliptic Curve Cryptography. Cambridge: Cambridge University Press, 1999.

[30] Boneh D, Lynn B, Shacham H. Short signatures from the Weil pairing. In -\it Proc. ASIACRYPT'01}, Gold Coast, Australia, -\it LNCS} 2139, Springer-Verlag, 2001, pp.514$\sim$532.
Full text



No Suggested Reading articles found!

ISSN 1000-9000(Print)

CN 11-2296/TP

Editorial Board
Author Guidelines
Journal of Computer Science and Technology
Institute of Computing Technology, Chinese Academy of Sciences
P.O. Box 2704, Beijing 100190 P.R. China
E-mail: jcst@ict.ac.cn
  Copyright ©2015 JCST, All Rights Reserved