Abstract
Radio Frequency Identification systems are in the limelight for a few years and become pervasive in our daily lives. These smart devices are nowadays embedded in the consumer items and may come soon into our banknotes. At Financial Cryptography 2003, Juels and Pappu proposed a practical cryptographic banknote protection scheme based on both Optical and Radio Frequency Identification systems. We demonstrate however that it severely compromises the privacy of the banknotes’ bearers. We describe some threats and show that, due to the misuse of the secure integration method of Fujisaki and Okamoto, an attacker can access and modify the data stored in the smart device without optical access to the banknote. We prove also that despite what the authors claimed, an attacker can track the banknotes by using the access-key as a marker, circumventing the randomized encryption scheme that aims at thwarting such attacks.
Chapter PDF
Similar content being viewed by others
Keywords
References
Auto-ID Center. 860MHz-960MHz class I radio frequency identification tag radio frequency & logical communication interface specification: Recommended standard, version 1.0.0. Technical report http://www.autoidcenter.org, Massachusetts Institute of Technology, MA, USA, November 2002.
Auto-ID Center. 13.56MHz ISM band class 1 radio frequency identification tag interface specification: Recommended standard, version 1.0.0. Technical report http://www.autoidcenter.org, Massachusetts Institute of Technology, MA, USA, February 2003.
Dan Boneh, Ben Lynn, and Hovav Shacham. Short signatures from the weil pairing. In Colin Boyd, editor, Advances in Cryptology-ASIACRYPT’01, volume 2248 of Lecture Notes in Computer Science, pages 514–532, Gold Coast, Australia, December 2001. IACR, Springer-Verlag.
Atmel Corporation. http://www.atmel.com.
Taher El Gamal. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory, 31(4):469–472, July 1985.
Eiichiro Fujisaki and Tatsuaki Okamoto. Secure integration of asymmetric and symmetric encryption schemes. In Michael Wiener, editor, Advances in Cryptology-CRYPTO’99, volume 1666 of Lecture Notes in Computer Science, pages 537–554, Santa Barbara, California, USA, August 1999. IACR, Springer-Verlag.
RFID Journal. Michelin embeds RFID tags in tires. http://www.rfidjournal.com/article/view/269, January 2003.
Ari Juels and Ravikanth Pappu. Squealing euros: Privacy protection in RFIDenabled banknotes. In Rebecca N. Wright, editor, Financial Cryptography-FC’03, volume 2742 of Lecture Notes in Computer Science, pages 103–121, Le Gosier, Guadeloupe, French West Indies, January 2003. IFCA, Springer-Verlag.
Mark Roberti. The money trail-RFID journal. http://www.rfidjournal.com, August 2003.
Sanjay Sarma. Towards the five-cent tag. Technical Report MIT-AUTOID-WD-006, MIT auto ID center, Cambridge, MA, USA, November 2001.
Sanjay Sarma, Stephen Weis, and Daniel Engels. Radio-frequency identification: security risks and challenges. Cryptobytes, RSA Laboratories, 6(1):2–9, spring 2003.
Stephen Weis, Sanjay Sarma, Ronald Rivest, and Daniel Engels. Security and privacy aspects of low-cost radio frequency identification systems. In Dieter Hutter, Günter Müller, Werner Stephan, and Markus Ullmann, editors, First International Conference on Security in Pervasive Computing-SPC 2003, volume 2802 of Lecture Notes in Computer Science, pages 454–469, Boppard, Germany, March 2003. Springer-Verlag.
Junko Yoshida. Euro bank notes to embed RFID chips by 2005. http://www.eetimes.com/story/OEG20011219S0016, December 2001.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer Science + Business Media, Inc.
About this paper
Cite this paper
Avoine, G. (2004). Privacy Issues in RFID Banknote Protection Schemes. In: Quisquater, JJ., Paradinas, P., Deswarte, Y., El Kalam, A.A. (eds) Smart Card Research and Advanced Applications VI. IFIP International Federation for Information Processing, vol 153. Springer, Boston, MA. https://doi.org/10.1007/1-4020-8147-2_3
Download citation
DOI: https://doi.org/10.1007/1-4020-8147-2_3
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4020-8146-0
Online ISBN: 978-1-4020-8147-7
eBook Packages: Springer Book Archive