Abstract
The integration of RFID technology into consumer products raises serious privacy concerns, but no privacy protection scheme that can be implemented on passive RFID tags is readily available. Existing proposals either sacrifice a core property of RFID systems, such as availability or scalability, or offer only limited privacy. The most promising approaches appear to be tree-based hash protocols, which sacrifice some privacy to maintain scalability. The amount of information that is leaked by these tree-based protocols depends on the tree setup, as well as the number and position of disclosed secrets. This leaked information is valued differently by different attackers. Some attackers aim to collect most information from many tags to build customer profiles; some need detailed information from a representative subset of tags to derive turnover rates of goods while others need very detailed information on selected tags to track individuals. Modifications of the tree protocol can improve privacy but need to be evaluated under the applicable attacker model. In this chapter, we first introduce privacy issues in RFID systems and techniques for measuring achieved privacy. Then, we describe protocols designed to enhance privacy and evaluate their effectiveness against different types of attackers. We find that some measures such as pseudonyms and periodic key updates improve privacy against some attackers, while hurting privacy against other attackers. Some measures such as restructuring the tree improve privacy against all attackers but incur additional computational cost for the legitimate reader. To find the best privacy protocol for a known attacker all available trade-offs should be considered.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Wolkerstorfer, J. Is Elliptic-Curve Cryptography Suitable to Secure RFID Tags?. Workshop on RFID and Lightweight Crypto, 2005
Fabian, B., Guenther, O. and Spiekermann, S. Security Analysis of the Object Name Service for RFID. International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing, 2005
Bauer, M., Fabian, B., Fischmann, M. and Gurses, S. Emerging Markets for RFID Traces. arXiv.org, 2006
Odlyzko, A. Privacy, Economics, and Price Discrimination on the Internet. International Conference on Electronic Commerce, 2003
Juels, A. RFID Security and Privacy: A research Survey. Manuscript, 2005
Juels, A. and Weis, S. Defining Strong Privacy for RFID. Cryptology ePrint Archive, 2006
Nohl, K. and Evans, D. Quantifying Information Leakage in Tree-Based Hash Protocols. Conference on Information and Communications Security, 2006
Weis, S., Sarma, S., Rivest, R. and Engels, D. Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. International Conference on Security in Pervasive Computing, 2003
Ohkubo, M., Suzuki, K. and Kinoshita, S. Cryptographic Approach to “Privacy-Friendly” Tags. RFID Privacy Workshop, 2003
Zhai, J., Mok-Park, C. and Wang, G.-N. Hash-Based RFID Security Protocol Using Randomly Key-Changed Identification Procedure. International Conference on Computational Science and its Applications, 2006
Rieback, M., Crispo, B. and Tanenbaum, A. RFID Guardian: A Battery-Powered Mobile Device for RFID Privacy Management. Australasian Conference on Information Security and Privacy, 2005
Molnar, D. and Wagner, D. Privacy and Security in Library RFID: Issues, Practices, and Architectures. ACM CCS, 2004
Damgard, I. and Østergaard, M. RFID Security: Tradeoffs between Security and Efficiency. Cryptology ePrint Archive, 2006
Buttyan, L., Holczer, T. and Vajda, I. Optimal Key-Trees for Tree-Based Private Authentication. Workshop on Privacy Enhancing Technologies, 2006
Avoine, G. and Oechslin, P. RFID Traceability: A Multilayer Problem. Financial Cryptography, 2005
Nohara, Y., Inoue, S., Baba, K. and Yasuura, H. Quantitative Evaluation of Unlinkable ID atching Schemes. Workshop on Privacy in the Electronic Society, 2006
Cate, F. and Staten, M. The Value of Information-Sharing. Council of Better Business Bureau White Paper, 2000
Lim, C.H. and Kwon, T. Strong and Robust RFID Authentication Enabling Perfect Ownership Transfer. Conference on Information and Communications Security, 2006
Molnar, D., Soppera, A. and Wagner, D. A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags. Selected Areas in Cryptography, 2005
Staake, T., Thiesse, F. and Fleisch, E. Extending the EPC Network - The Potential of RFID in Anti-Counterfeiting. Symposium on Applied Computing, 2005
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Nohl, K., Evans, D. (2008). Design Trade-Offs for Realistic Privacy. In: Kitsos, P., Zhang, Y. (eds) RFID Security. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-76481-8_4
Download citation
DOI: https://doi.org/10.1007/978-0-387-76481-8_4
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-76480-1
Online ISBN: 978-0-387-76481-8
eBook Packages: EngineeringEngineering (R0)