article

PAP: A privacy and authentication protocol for passive RFID tags

Authors:

LeRoy A. BaileyAuthors Info & Claims

Computer Communications, Volume 32, Issue 7-10

Pages 1194 - 1199

https://doi.org/10.1016/j.comcom.2009.03.006

Published: 01 May 2009 Publication History

Abstract

Passive Radio Frequency Identification (RFID) tags, due to their ability to uniquely identify every individual item and low cost, are well suited for supply chain management and are expected to replace barcodes in the near future. However, unlike barcodes, these tags have a longer range in which they are allowed to be scanned, subjecting them to unauthorized scanning by malicious readers and to various other attacks, including cloning attacks. Therefore, a security protocol for RFID tags is necessary to ensure the privacy and authentication between each tag and their reader. In order to accomplish this, we propose PAP, a privacy and authentication protocol for passive RFID tags. This protocol requires little computation and achieves both privacy and authentication, making it sufficient enough for use in supply chain management; however, this protocol is also suitable for use in other RFID applications as well.

References

[1]

Juels, A., RFID security and privacy: a research survey. IEEE Journals on Selected Areas in Communications. v24 i2. 381-394.

Digital Library

[2]

EPCglobal, EPCglobal website, Available from: <http://www.EPCglobalinc.org/>.

[3]

Stern, S., Security trumps privacy. Christian Science Monitor.

[4]

D. Molnar, D. Wagner, Privacy and security in library RFID: issues, practices, and architectures, in: B. Pfitzmann, P. McDaniel (Eds.), Proceedings of the ACM Conference on Computer and Communications Security, 2004, pp. 210-219.

Digital Library

[5]

International Civil Aviation Organization ICAO, Document 9303, machine readable travel documents (MRTD), part i, Machine readable passports.

[6]

A. Juels, D. Molnar, D. Wagner, Security and privacy issues in e-passports, in: Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SecureComm), 2005, pp. 74-88.

Digital Library

[7]

G. Barber, E. Tsibertzopoulos, B. Hamilton, An analysis of using EPCglobal class-1 generation-2 RFID technology for wireless asset management, in: Military Communications Conference, vol. 1, 2005, pp. 245-251.

[8]

M. Ohkubo, K. Suzuki, S. Kinoshita, Cryptographic approach to "privacy-friendly" tags, in: RFID Privacy Workshop, MIT, MA, USA, 2003.

[9]

S. Bono, M. Green, A. Stubblefield, A. Juels, A. Rubin, M. Szydlo, Security analysis of a cryptographically-enabled RFID device, in: USENIX Security Symposium, USENIX, Baltimore, Maryland, USA, 2005, pp. 1-16.

Digital Library

[10]

J. Wolkerstorfer, Is elliptic-curve cryptography suitable to secure RFID tags? Handout of the Ecrypt Workshop on RFID and Lightweight Crypto (July 2005).

[11]

C. Floerkemeier, R. Schneider, M. Langheinrich, Scanning with a purpose: supporting the fair information principles in RFID protocols, in: Proceedings of the Second International Symposium on Ubiquitous Computing Systems, 2004.

Digital Library

[12]

M. Rieback, B. Crispo, A. Tanenbaum, RFID guardian: a battery-powered mobile device for RFID privacy management, in: Proceedings of the Australasian Conference on Information Security and Privacy, 2005, pp. 184-194.

Digital Library

[13]

A. Juels, P. Syverson, D. Bailey, High-power proxies for enhancing RFID privacy and utility, in: Workshop on Privacy Enhancing Technologies - PET 2005, Dubrovnik, Croatia, 2005.

Digital Library

[14]

A. Juels, R.L. Rivest, M. Szydlo, The blocker tag: selective blocking of RFID tags for consumer privacy, in: Proceedings of the 10th ACM Conference on Computer and Communication Security, 2003, pp. 103-111.

Digital Library

[15]

A. Juels, J. Brainard, Soft blocking: flexible blocker tags on the cheap, in: Proceedings of the 2004 ACM Workshop on Privacy in the Electronic Society, 2004, pp. 1-7.

Digital Library

[16]

S.A. Weis, S.E. Sarma, R.L. Rivest, D.W. Engels, Security and privacy aspects of low-cost radio frequency identification systems, in: Proceedings of the International Conference on Security in Pervasive Computing, 2003, pp. 454-469.

[17]

A.X. Liu, L.A. Bailey, A.H. Krishnamurthy, Rfidguard: a lightweight privacy and authentication protocol for passive rfid tags, Journal of Security and Communication Networks, accepted for publication.

[18]

T. Li, R. Deng, Vulnerability analysis of emap-an efficient RFID mutual authentication protocol, in: Proceedings of the International Conference on Availability, Reliability and Security, 2007.

Digital Library

[19]

H. Krawczyk, M. Bellare, R. Canetti, Hmac: keyed-hashing for message authentication, RFC 2104.

Digital Library

[20]

R. Rivest, The md5 message-digest algorithm, RFC 1321.

Digital Library

[21]

D. Eastlake, P. Jones, Us secure hash algorithm 1 (sha1), RFC 3174.

Digital Library

Cited By

Ferrag MMaglaras LArgyriou AKosmanos DJanicke H(2018)Security for 4G and 5G cellular networksJournal of Network and Computer Applications10.1016/j.jnca.2017.10.017101:C(55-82)Online publication date: 1-Jan-2018
https://dl.acm.org/doi/10.1016/j.jnca.2017.10.017
(2017)A secure privacy and authentication protocol for passive RFID tagsInternational Journal of Mobile Communications10.1504/IJMC.2017.08346215:3(266-277)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.1504/IJMC.2017.083462
Younis MAbdulkareem M(2017)ITPMAPWireless Personal Communications: An International Journal10.1007/s11277-017-4152-096:1(65-101)Online publication date: 1-Sep-2017
https://dl.acm.org/doi/10.1007/s11277-017-4152-0
Show More Cited By

Index Terms

PAP: A privacy and authentication protocol for passive RFID tags

Index terms have been assigned to the content through auto-classification.

Recommendations

A Novel Anonymous RFID Authentication Protocol Providing Strong Privacy and Security
MINES '10: Proceedings of the 2010 International Conference on Multimedia Information Networking and Security

As the radio frequency identification (RFID) technology continues to evolve and mature, RFID tags can be implemented in a wide range of applications. Due to the shared wireless medium between the RFID reader and the RFID tag, however, adversaries can ...
Impossibility results for RFID privacy notions
Transactions on computational science XI

RFID systems have become increasingly popular and are already used in many real-life applications. Although very useful, RFIDs introduce privacy risks since they carry identifying information that can be traced. Hence, several RFID privacy models have ...
On Elliptic Curve Based Untraceable RFID Authentication Protocols
IH&MMSec '15: Proceedings of the 3rd ACM Workshop on Information Hiding and Multimedia Security

An untraceable RFID authentication scheme allows a legitimate reader to authenticate a tag, and at the same time it assures the privacy of the tag against unauthorized tracing. In this paper, we revisit three elliptic-curve based untraceable RFID ...

Comments

Information & Contributors

Information

Published In

cover image Computer Communications

Computer Communications Volume 32, Issue 7-10

May, 2009

125 pages

ISSN:0140-3664

Issue’s Table of Contents

Copyright © Elsevier B.V. © 2009.

Publisher

Elsevier Science Publishers B. V.

Netherlands

Publication History

Published: 01 May 2009

Author Tags

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

12
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 03 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Ferrag MMaglaras LArgyriou AKosmanos DJanicke H(2018)Security for 4G and 5G cellular networksJournal of Network and Computer Applications10.1016/j.jnca.2017.10.017101:C(55-82)Online publication date: 1-Jan-2018
https://dl.acm.org/doi/10.1016/j.jnca.2017.10.017
(2017)A secure privacy and authentication protocol for passive RFID tagsInternational Journal of Mobile Communications10.1504/IJMC.2017.08346215:3(266-277)Online publication date: 1-Jan-2017
https://dl.acm.org/doi/10.1504/IJMC.2017.083462
Younis MAbdulkareem M(2017)ITPMAPWireless Personal Communications: An International Journal10.1007/s11277-017-4152-096:1(65-101)Online publication date: 1-Sep-2017
https://dl.acm.org/doi/10.1007/s11277-017-4152-0
Shen HShen JKhan MLee J(2017)Efficient RFID Authentication Using Elliptic Curve Cryptography for the Internet of ThingsWireless Personal Communications: An International Journal10.1007/s11277-016-3739-196:4(5253-5266)Online publication date: 1-Oct-2017
https://dl.acm.org/doi/10.1007/s11277-016-3739-1
Kaur KKumar NSingh MObaidat M(2016)Lightweight Authentication Protocol for RFID-Enabled Systems Based on ECC2016 IEEE Global Communications Conference (GLOBECOM)10.1109/GLOCOM.2016.7841955(1-6)Online publication date: 4-Dec-2016
https://dl.acm.org/doi/10.1109/GLOCOM.2016.7841955
Niu BZhu XChi HLi H(2014)Privacy and Authentication Protocol for Mobile RFID SystemsWireless Personal Communications: An International Journal10.1007/s11277-014-1605-677:3(1713-1731)Online publication date: 1-Aug-2014
https://dl.acm.org/doi/10.1007/s11277-014-1605-6
Chou J(2014)An efficient mutual authentication RFID scheme based on elliptic curve cryptographyThe Journal of Supercomputing10.1007/s11227-013-1073-x70:1(75-94)Online publication date: 1-Oct-2014
https://dl.acm.org/doi/10.1007/s11227-013-1073-x
Doss RSundaresan SZhou W(2013)A practical quadratic residues based scheme for authentication and privacy in mobile RFID systemsAd Hoc Networks10.1016/j.adhoc.2012.06.01511:1(383-396)Online publication date: 1-Jan-2013
https://dl.acm.org/doi/10.1016/j.adhoc.2012.06.015
Doss RZhou WSundaresan SYu SGao L(2012)A minimum disclosure approach to authentication and privacy in RFID systemsComputer Networks: The International Journal of Computer and Telecommunications Networking10.1016/j.comnet.2012.06.01856:15(3401-3416)Online publication date: 1-Oct-2012
https://dl.acm.org/doi/10.1016/j.comnet.2012.06.018
Li GWang YWang CHe J(2012)EMAPInternational Journal of Automation and Computing10.1007/s11633-012-0623-79:1(108-112)Online publication date: 1-Feb-2012
https://dl.acm.org/doi/10.1007/s11633-012-0623-7
Show More Cited By

View Options

View options

Media

Figures

Other

Tables

View Issue’s Table of Contents