HJM Tree for Security Analyses of Passive RFID Systems

  • Xu Huang
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 4)

Radio frequency identification (RFID) technology is not fundamentally new and concerns a whole range of applications. The first RFID application may have been the Royal British Air Force’s “Identify Friend or Foe” system, which was used during the Second World War to identify friendly aircraft. RFID can be applied to a variety of tasks, structures, work systems, and contexts along the value chain, including business-to-business (B-2-B) logistics, internal operations, business-toconsumer (B-2-C) marketing, and after-sales service applications [1–6]. However, the boom that RFID technology enjoys today is basically due to the standardization [7] and development of low cost devices.

Like every wireless device, RFID systems bring with them security and privacy issues to all those people who have been working in this area. Security issues involve classic attacks, namely denial of service, impersonation of tags, or channel eavesdropping. These attacks are rendered more practicable because of the tags’ lack of computational and storage capacity. There are many papers investigating these issues in various ways [7, 8, 10–12, 14]. Today’s challenge is to find protocols (or deployments) which allow authorized parties to identify the tags without an adversary being able to track them, thus getting to the root of the privacy problem [8, 13]. It is well known that the reason not to use well known authentication protocols is that such protocols do not preserve the privacy of the provider. Asymmetric cryptography could easily solve this problem, but it is too heavy to be implemented within a tag.


Security Analysis Forward Rate Bond Price Electronic Product Code Cryptographic Operation 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Huber GP (1991) Organizational learning: contributing processes and the literatures. Org Sci 2(1):88–115CrossRefMathSciNetGoogle Scholar
  2. 2.
    Standford V (2003) Pervasive computing goes the last hundred feet with RFID systems, IEEE Perv Comp 2:2Google Scholar
  3. 3.
    Angeles R (2005) RFID technologies: supply-chain applications and implementation issues, Info Sys Mgmt 22:1 pp 51–65CrossRefMathSciNetGoogle Scholar
  4. 4.
    Thompson CA (2004) Radio frequency tags for identifying legitimate drug products discussed by tech industry, Amer J Health-Sys Pharm 61(14): 1430–1431Google Scholar
  5. 5.
    Yang G, Jarvenpaa SI (2005) Trust and radio frequency identification (RFID) adoption within an alliance, In: Sprague R, ed Proc 38th Hawaii Intl Conf Sys Sci, Big Island, HI, January 2005, pp 855–864, IEEE Comp Soc Press, Los Alamitos, CA, USAGoogle Scholar
  6. 6.
    Bono S, Green M, Stubblefield A, Juels A, Rubin A, Szydlo M (2005) Security analysis of a cryptographically-enabled RFID device, In: 14th USENIX security symposium, pp 1–16, Baltimore, Maryland, USAGoogle Scholar
  7. 7.
    Electronic Product Code Global Inc
  8. 8.
    Avoine G (n.d.) Security and privacy in RFID systems. Online bibliography available at
  9. 9.
    Molnar D, Wagner D (2004) Privacy and security in library RFID: issues, practices, and architectures. In: Pfitzmann B, Liu P, ed, Conference on computer and communications security - CCS’04, pp 210–219, ACM Press, Washington, DC, USAGoogle Scholar
  10. 10.
    Golle P, Jakobsson M, Juels A, Syverson P (2004) Universal reencryption for mixnets. In: Okamoto T, ed, The Cryptographers track at the RSA conference, CT-RSA, Lecture notes in computer science, 2964:163–178, San Francisco, California, USA, Springer-VerlagGoogle Scholar
  11. 11.
    Henrico D, Muller P (2004) Tackling security and privacy issues in radio frequency identification devices. In: Ferscha A, Mattern F, ed, Pervasive computing, Lecture Notes in Computer Science 3001:219–224, Vienna Austria, Springer-VerlagGoogle Scholar
  12. 12.
    Ohkubo M, Suzuki K, Kinoshita S (2003) Cryptographic approch to “privacy-friendly” tags. In: RFID privacy workshop, MIT, Massachusetts, USAGoogle Scholar
  13. 13.
    Avoine G, Oechslin P (2005) A scalable and provably secure hash based RFID protocol. In: International workshop on pervasive computing and communication security, PerSec, pp 110–114, Kauai Island, Hawaii, USA, IEEE Computer Society PressCrossRefGoogle Scholar
  14. 14.
    Huang X, Sharma D (2006) Investigating security in multi-tree based technique. In:. Gabrys B, Howlett RJ, Jain LC (eds) RFID systems. KES 2006 Part III. LNAI 4253:1151–1156. Springer-Verlag, Berlin, HeidelbergGoogle Scholar
  15. 15.
    Hull J (2000) Options, futures, and other derivatives, Fifth Ed, Prentice-Hall, pp 574–577Google Scholar
  16. 16.
    Heath D, Jarrow R, Morton A (1992) Bond pricing and the term structure of interest rates: a new methodology, Econometrica 60(1):77–105zbMATHCrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC 2008

Authors and Affiliations

  • Xu Huang

    There are no affiliations available

    Personalised recommendations