Abstract
We propose a novel RFID infrastructure design, which foresees the usage of a single RFID tag within different contexts and for multiple purposes. We show that an infrastructure for multi-purpose RFID tags to be used in different contexts can be implemented in a privacy -preserving manner. We address security attacks such as impersonation, tracking, and replay. We also introduce spatio-temporal attacks as an important threat against privacy. We propose a methodology to thwart or alleviate these kinds of attacks. We develop our multi-context RFID infrastructure relying on usage of public key cryptography (PKC), which presents more scalable solutions in the sense that the backend servers can identify the tags 75 times faster than best symmetric cipher based systems when there are a million tags in the system. We demonstrate that the requirements for PKC are comparable to those for other cryptographic implementations based on symmetric ciphers proposed for RFID use.
The Work described in this paper is supported by the scientific and Technological Research Council of Turkey under project number 105E089
Chapter PDF
Similar content being viewed by others
References
Weis, S., et al.: Security and privacy aspects of low-cost radio frequency identification systems. In: Hutter, D., et al. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 454–469. Springer, Heidelberg (2004)
Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic Approach to Privacy-friendly Tags. In: RFID Privacy Workshop, MIT Press, Cambridge (2003)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1997)
Avoine, G., Dysli, E., Oechslin, P.: Reducing time complexity in RFID systems. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 291–306. Springer, Heidelberg (2006)
Gaubatz, G., et al.: State of the Art in Ultra-Low Power Public Key Cryptography for Wireless Sensor Networks. In: PerSec’05, Kauai Island, Hawaii (2005)
Hoffstein, J., Silverman, J., Whyte, W.: NTRU report 012, version 2. estimated breaking times for NTRU lattices. Technical Report 12, NTRU Cryptosystems, Inc. (2003)
National Institute of Standards and Technology (NIST). FIPS-197: Advanced Encryption Standard (November 2001). Available online at http://www.itl.nist.gov/fipspubs/
Fujistsu web site (2006), Referenced 2006 at http://www.fujitsu.com/us/services/edevices/microelectronics/memory/fram/
Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong authentication for RFID systems using the AES algorithm. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 357–370. Springer, Heidelberg (2004)
Molnar, D., Wagner, D.: Privacy and security in library RFID: Issues, practices, and architectures. In: CCS’04, Washington, DC, USA, pp. 210–219. ACM Press, New York (2004)
Juels, A., Weis, S.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)
NTRU RFID data sheet (2006), http://www.ntru.com/products/NtruRFID.pdf
NTRU RFID white paper (2006), http://www.ntru.com/products/RFID_White_paper_FNL.pdf
Hoffstein, J., Pipher, J., Silverman, J.H.: NTRU: A Ring-Based Public Key Cryptosystem. In: Buhler, J.P. (ed.) ANTS 1998. LNCS, vol. 1423, pp. 267–288. Springer, Heidelberg (1998)
Graham, N.H., et al.: The Impact of Decryption Failures on the Security of NTRU Encryption. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, Springer, Heidelberg (2003)
Dimitriou, T.: A Lightweight RFID Protocol to protect against traceability and cloning attacks. In: SecureComm’05, pp. 59–66 (2005)
Capkun, S., Hubaux, J.P.: Secure positioning of wireless devices with application to sensor networks. In: INFOCOM’05 (2005)
Avoine, G., Oeschlin, P.: A Scalable Protocol for RFID Pseudonyms. In: Persec (2004)
Molnar, D., Soppera, A., Wagner, D.: A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags. In: Workshop on RFID and Light-Weight Crypto, Graz, Austria, July 14-15 (2005)
Dai, W.: Crypto++, a Free C++ Library for Cryptography (2004), http://www.eskimo.com/~weidai
O’Rourke, C., Sunar, B.: Achieving NTRU with Montgomery Multiplication. IEEE Trans. on Comp. 52(4) (2003)
Kaya, S.V., et al.: Privacy-Aware Multi-Context RFID Infrastructure using Public Key Cryptography (November 19, 2006), http://students.sabanciuniv.edu/~selimvolkan/MultiContext_RFID_Framework.pdf
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 IFIP International Federation for Information Processing
About this paper
Cite this paper
Kaya, S.V., Savaş, E., Levi, A., Erçetin, Ö. (2007). Privacy-Aware Multi-Context RFID Infrastructure Using Public Key Cryptography . In: Akyildiz, I.F., Sivakumar, R., Ekici, E., Oliveira, J.C.d., McNair, J. (eds) NETWORKING 2007. Ad Hoc and Sensor Networks, Wireless Networks, Next Generation Internet. NETWORKING 2007. Lecture Notes in Computer Science, vol 4479. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-72606-7_23
Download citation
DOI: https://doi.org/10.1007/978-3-540-72606-7_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-72605-0
Online ISBN: 978-3-540-72606-7
eBook Packages: Computer ScienceComputer Science (R0)