Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2802)

Abstract

Like many technologies, low-cost Radio Frequency Identification (RFID) systems will become pervasive in our daily lives when affixed to everyday consumer items as "smart labels". While yielding great productivity gains, RFID systems may create new threats to the security and privacy of individuals or organizations. This paper presents a brief description of RFID systems and their operation. We describe privacy and security risks and how they apply to the unique setting of low-cost RFID devices. We propose several security mechanisms and suggest areas for future research.




Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W. (2004). Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds) Security in Pervasive Computing. Lecture Notes in Computer Science, vol 2802. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39881-3_18

  • DOI: https://doi.org/10.1007/978-3-540-39881-3_18

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20887-7

  • Online ISBN: 978-3-540-39881-3

  • eBook Packages: Springer Book Archive
