Welcome to the resource topic for 2005/315
Title:
A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags
Authors: David Molnar, Andrea Soppera, David Wagner
Abstract:The ability to link two different sightings of the same
Radio Frequency Identification (RFID) tag enables invasions of privacy.
The problem is aggravated when an item, and the tag attached to it,
changes hands during the course of its lifetime. After such an
ownership transfer, the new owner should be able to read the tag but
the old owner should not.
We address these issues through an RFID
pseudonym protocol. Each time it is queried, the RFID tag emits a
different pseudonym using a pseudo-random function.
Without consent of a special Trusted Center that shares secrets
with the tag, it is infeasible to map the pseudonym to the tag’s real
identity. We present a scheme for RFID pseudonyms that works with legacy,
untrusted readers, requires only one message from tag to reader, and is
scalable: decoding tag pseudonyms takes work logarithmic in the number of tags.
Our scheme further allows for time-limited delegation,
so that we can give
an RFID reader the power to disambiguate a limited number of pseudonyms
without further help from the Trusted Center. We show how RFID
pseudonyms facilitate the transfer of ownership of RFID tags between mutually
distrustful parties.
Our scheme requires only limited cryptographic functionality from the tag: we need a pseudo-random function (PRF)
and the ability to update tag state or to generate random numbers.
Tag storage and communication requirements are modest:
we give example parameters for a deployment of one million
tags in which each tag stores only 128 bits, makes 6 PRF
evaluations, and sends 158 bits each time it is read.
ePrint: https://eprint.iacr.org/2005/315
See all topics related to this paper.
Feel free to post resources that are related to this paper below.
Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.
For more information, see the rules for Resource Topics .