Abstract
RFID-based path authentication enables supply chain managers to verify the exact path that a tag has taken. In this paper, we introduce a new oracle Move that models a tag’s movement along a designed or an arbitrary path in a supply chain. With this oracle, we refine the existing security and privacy notions for RFID-based path authentication. In addition, we propose a new privacy notion, called path privacy, for RFID-based path authentication. Our privacy notion captures the privacy of both tag identity and path information in a single game. Compared to existing two-game based privacy notions, it is more rigorous, powerful, and concise. We also construct a new path authentication scheme. Our scheme does not require the entities in a supply chain to have any connection with each other except in the initial stage. It requires only 480 bits storage and no computational ability on each tag; thus it can be deployed on the standard EPCglobal Class 1 Generation 2 tags in the market.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Arbit, A., Oren, Y., Wool, A.: Toward Practical Public Key Anti-Counterfeiting for Low-Cost EPC Tags. In: IEEE RFID 2011, Orlando, FL, pp. 184–191 (April 2011)
Blass, E.O., Elkhiyaoui, K., Molva, R.: Tracker: Security and Privacy for RFID-Based Supply Chains. Cryptology ePrint Archive, Report 2010/219 (2010)
Blass, E.O., Elkhiyaoui, K., Molva, R.: Tracker: Security and Privacy for RFID-Based Supply Chains. In: NDSS 2011, San Diego, California, USA, pp. 455–472 (2011)
Cai, S., Li, Y., Li, T., Deng, R.H.: Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions. In: WiSec 2009, Zurich, Switzerland, pp. 51–58 (2009)
Cai, S., Li, Y., Zhao, Y.: Distributed Path Authentication for Dynamic RFID-Enabled Supply Chains. In: IFIP SEC 2012, Crete, Greece (2012)
Golle, P., Jakobsson, M., Juels, A., Syverson, P.: Universal Re-encryption for Mixnets. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 163–178. Springer, Heidelberg (2004)
Li, Y., Ding, X.: Protecting RFID Communications in Supply Chains. In: ASIACCS 2007, New York, NY, USA, pp. 234–241 (2007)
Molnar, D., Wagner, D.: Privacy and Security in Library RFID: Issues, Practices, and Architectures. In: CCS 2004, New York, NY, USA, pp. 210–219 (2004)
Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E., Li, T., Li, Y.: Vulnerability Analysis of RFID Protocols for Tag Ownership Transfer. Computer Networks 54(9), 1502–1508 (2010)
Piramuthu, S.: RFID Mutual Authentication Protocols. Decision Support Systems (2010), http://dx.doi.org/10.1016/j.dss.2010.09.005
Rizomiliotis, P., Rekleitis, E., Gritzalis, S.: Security Analysis of the Song-Mitchell Authentication Protocol for Low-Cost RFID Tags. IEEE Communications Letters 13(4), 274–276 (2009)
Song, B., Mitchell, C.J.: RFID Authentication Protocol for Low-Cost Tags. In: WiSec 2008, Alexandria, Virginia, USA, pp. 140–147 (2008)
Wang, H., Li, Y., Zhang, Z., Cao, Z.: Two-Level Path Authentication in EPCglobal Network. In: IEEE RFID 2012, Orlando, Florida, pp. 24–31 (2012)
Yao, A.C., Yung, M., Zhao, Y.: Adaptive Concurrent Non-Malleability with Bare Public-Keys. CoRR, abs/0910.3282 (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cai, S., Deng, R.H., Li, Y., Zhao, Y. (2012). A New Framework for Privacy of RFID Path Authentication. In: Bao, F., Samarati, P., Zhou, J. (eds) Applied Cryptography and Network Security. ACNS 2012. Lecture Notes in Computer Science, vol 7341. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31284-7_28
Download citation
DOI: https://doi.org/10.1007/978-3-642-31284-7_28
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31283-0
Online ISBN: 978-3-642-31284-7
eBook Packages: Computer ScienceComputer Science (R0)