Skip to main content
SpringerLink
Log in
Book cover

International Conference on Security in Communication Networks

SCN 2004: Security in Communication Networks pp 149–164Cite as

Minimalist Cryptography for Low-Cost RFID Tags (Extended Abstract)

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3352))

Abstract

A radio-frequency identification (RFID) tag is a small, inexpensive microchip that emits an identifier in response to a query from a nearby reader. The price of these tags promises to drop to the range of $0.05 per unit in the next several years, offering a viable and powerful replacement for barcodes.

The challenge in providing security for low-cost RFID tags is that they are computationally weak devices, unable to perform even basic symmetric-key cryptographic operations. Security researchers often therefore assume that good privacy protection in RFID tags is unattainable. In this paper, we explore a notion of minimalist cryptography suitable for RFID tags. We consider the type of security obtainable in RFID devices with a small amount of rewritable memory, but very limited computing capability. Our aim is to show that standard cryptography is not necessary as a starting point for improving security of very weak RFID devices. Our contribution is twofold:

  1. 1

    We propose a new security model for authentication and privacy in RFID tags. This model takes into account the natural computational limitations and the likely attack scenarios for RFID tags in real-world settings. It represents a useful divergence from standard cryptographic security modeling, and thus a new basis for practical formalization of minimal security requirements for low-cost RFID-tag security.

  2. 2

    We describe a protocol that provably achieves the properties of authentication and privacy in RFID tags in our proposed model, and in a good practical sense. It involves no computationally intensive cryptographic operations, and relatively little storage.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Security technology: Where’s the smart money? The Economist, 69–70, February 9 (2002)

    Google Scholar 

  2. Prada’s smart tags too clever? Wired News, October 27 (2002)

    Google Scholar 

  3. Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)

    Google Scholar 

  4. Benetton undecided on use of ‘smart tags’. Associated Press, April 8 (2003)

    Google Scholar 

  5. Collins, J.: The cost of Wal-Mart’s RFID edict. RFID Journal, September 10 (2003)

    Google Scholar 

  6. Ewatt, D.M., Hayes, M.: Gillette razors get new edge: RFID tags. Information Week January 3 (2003), Referenced at, http://www.informationweek.com/story/IWK20030110S0028

  7. Fishkin, K.P., Roy, S., Jiang, B.: Some methods for privacy in rfid communication. In: 1st European Workshop on Security in Ad-Hoc and Sensor Networks. Springer, Heidelberg (2004) (to appear)

    Google Scholar 

  8. Fishkin, K.P., Wang, M., Borriello, G.: A ubiquitous system for medication monitoring. In: Second International Conference on Pervasive Computing, Springer, Heidelberg (2004)

    Google Scholar 

  9. El Gamal, T.: A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 31, 469–472 (1985)

    Article  MATH  Google Scholar 

  10. Garfinkel, S.: An RFID Bill of Rights. Technology Review, 35 (October 2002)

    Google Scholar 

  11. Golle, P., Jakobsson, M., Juels, A., Syverson, P.: Universal re-encryption for mixnets. Springer, Heidelberg (2004) (to appear)

    Google Scholar 

  12. Juels, A., Brainard, J.: Soft blocking: Flexible blocker tags on the cheap. In: WPES 2004, ACM Press, New York (2004) (to appear)

    Google Scholar 

  13. Juels, A., Pappu, R.: Squealing Euros: Privacy protection in RFID-enabled banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  14. Juels, A., Rivest, R.L., Szydlo, M.: The blocker tag: Selective blocking of RFID tags for consumer privacy. In: Atluri, V. (ed.) ACM CCS 2003, pp. 103–111. ACM Press, New York (2003)

    Chapter  Google Scholar 

  15. Auto-ID Labs. 13.56 MHz ISM band class 1 radio frequency identification tag interference specification: Candidate recommendation, version 1.0.0. Technical Report MIT-AUTOID-WH-002, Auto-ID Labs (2003), Referenced at, http://www.autoidlabs.org

  16. Ma, L., Xu, Q., Yang, Y.: Organic non-volatile memory by controlling the dynamic copper-ion concentration within the organic layer. Nature (2003) (submitted)

    Google Scholar 

  17. McCullagh, D.: RFID tags: Big Brother in small packages. CNet January 13 (2003), Referenced at, http://news.com.com/2010-1069-980325.html

  18. Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)

    Book  Google Scholar 

  19. Molnar, D., Wagner, D.: Privacy and security in library RFID: Issues, practices, and architectures. In: ACM CCS 2004, ACM Press, New York (2004) (to appear)

    Google Scholar 

  20. Associated Press. Libraries eye RFID to track books: Privacy issues raised as San Francisco plans chips’ use. October 3 (2003)

    Google Scholar 

  21. RFID, privacy, and corporate data. RFID Journal June 2 (2003), Feature article. Referenced at www.rfidjournal.com on subscription basis

  22. Sarma, S.E., Weis, S.A., Engels, D.W.: Radio-frequency-identification security risks and challenges. CryptoBytes 6(1)(2003)

    Google Scholar 

  23. Sarma, S.E.: Towards the five-cent tag. Technical Report MIT-AUTOID-WH-006, Auto-ID Labs (2001), Referenced at, http://www.autoidlabs.org/

  24. Sarma, S.E., Weis, S.A., Engels, D.W.: RFID systems and security and privacy implications. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 454–469. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  25. Shim, R.: Benetton to track clothing with ID chips. CNET, March 11 (2003), Referenced at, http://news.com.com/2100-1019-992131.html

  26. Stajano, F., Anderson, R.: The resurrecting duckling: Security issues for ad-hoc wireless networks. In: Malcolm, J.A., Christianson, B., Crispo, B., Roe, M. (eds.) Security Protocols 1999. LNCS, vol. 1796, pp. 172–194. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  27. Takaragi, K., Usami, M., Imura, R., Itsuki, R., Satoh, T.: An ultra small individual recognition security chip. IEEE Micro 21(6), 43–49 (2001)

    Article  Google Scholar 

  28. Weis, S.A., Sarma, S., Rivest, R., Engels, D.: Security and privacy aspects of low-cost radio frequency identification systems. In: First International Conference on Security in Pervasive Computing (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. RSA Laboratories, Bedford, MA, 01730, USA

    Ari Juels

Authors
  1. Ari Juels
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Dipartimento di Informatica e Applicazioni, Università degli Studi di Salerno, Via Ponte Don Melillo, I-84084, Fisciano, (SA), Italy

    Carlo Blundo

  2. Dipartimento di Tecnologie dell’Informazione, Universitá di Milano, Via Bramante 65, P.O. Box, 26013, Crema, (CR), Italy

    Stelvio Cimato

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Juels, A. (2005). Minimalist Cryptography for Low-Cost RFID Tags (Extended Abstract). In: Blundo, C., Cimato, S. (eds) Security in Communication Networks. SCN 2004. Lecture Notes in Computer Science, vol 3352. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30598-9_11

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-30598-9_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-24301-4

  • Online ISBN: 978-3-540-30598-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation