Abstract
Many of today’s proposed RFID privacy schemes rely on the encryption of tag IDs with user-chosen keys. However, password management quickly becomes a bottleneck in such proposals, rendering them infeasible in situations where tagged items are repeatedly exchanged in informal (i.e., personal) situations, in particular outside industrial supply-chains or supermarket checkout lanes. An alternative to explicit access control management are RFID privacy systems that provides access to tag IDs over time, i.e., only after prolonged and detailed reading of an item. Such themes can minimize the risk of unwanted exposure through accidental read-outs, or offer protection during brief encounters with strangers. This paper describes a spatially distributed ID-disclosure scheme that uses a (potentially large) set of miniature RFID tags to distribute the true ID of an item across the entire product surface. We introduce the underlying mechanism of our spatially distributed RFID privacy system and report on initial performance results.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
EPCglobal: Class-1 generation-2 UHF RFID protocol for communications at 860 MHz–960 MHz, version 1.0.9. EPC radio-frequency identity protocols (2005), see http://www.epcglobalinc.org/standards/Class_1_Generation_2_UHF_Air_Interface_Protocol_Standard_Version_1.0.9.pdf
Karjoth, G., Moskowitz, P.A.: Disabling RFID tags with visible confirmation: clipped tags are silenced. In: Atluri, V., Capitani, D., di Vimercati, S., Dingledine, R. (eds.) WPES 2005. Proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society, pp. 27–30. ACM Press, Alexandria, VA (2005)
Roduner, C., Langheinrich, M., Floerkemeier, C., Schwarzentrub, B.: Operating appliances with mobile phones – strengths and limits of a universal interaction device. In: Proceedings of Pervasive 2007, Toronto, Canada, May 13-16, 2007. LNCS, pp. 13–16. Springer, Heidelberg (2007)
Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and privacy aspects of low-cost radio frequency identification systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 201–212. Springer, Heidelberg (2004)
Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic approach to privacy-friendly tags. In: Garfinkel, S., Rosenberg, B. (eds.) RFID: Applications, Security, and Privacy, Addison-Wesley, Reading (2005)
Henrici, D., Müller, P.: Tackling security and privacy issues in radio frequency identification devices. In: Ferscha, A., Mattern, F. (eds.) PERVASIVE 2004. LNCS, vol. 3001, pp. 219–224. Springer, Heidelberg (2004)
Juels, A.: RFID security and privacy: A research survey. IEEE Journal on Selected Areas in Communications 24(2), 381–394 (2006)
Juels, A., Rivest, R.L., Szydlo, M.: The blocker tag: Selective blocking of RFID tags for consumer privacy. In: Jajodia, S., Atluri, V., Jaeger, T. (eds.) Proceedings of the 10th ACM Conference on Computer and Communication Security, pp. 103–111. ACM Press, Washington, D.C. (2003)
Fishkin, K., Roy, S., Jiang, B.: Some methods for privacy in RFID communication. In: Castelluccia, C., Hartenstein, H., Paar, C., Westhoff, D. (eds.) ESAS 2004. LNCS, vol. 3313, pp. 42–53. Springer, Heidelberg (2005)
Langheinrich, M., Marti, R.: Practical minimalist cryptography for RFID privacy. Submitted for publication (2007), Available online at http://www.vs.inf.ethz.ch/publ/papers/shamirtags07.pdf
Shamir, A.: How to share a secret. Comm. of the ACM 22(11), 612–613 (1979)
Bohn, J., Mattern, F.: Super-distributed RFID tag infrastructures. In: Markopoulos, P., Eggen, B., Aarts, E., Crowley, J.L. (eds.) EUSAI 2004. LNCS, vol. 3295, pp. 1–12. Springer, Heidelberg (2004)
EPCglobal: EPC tag data specification 1.1. EPCglobal Standard (2003)
Menezes, A.J., van Oorschot, P.C., Vanstone, S.A.: Handbook of applied cryptography. CRC Press, Boca Raton, Florida (1996)
Chiu, S.L.: Fuzzy model identification based on cluster estimation. Journal of Intelligent and Fuzzy Systems 2(3), 267–278 (1994)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Langheinrich, M., Marti, R. (2007). RFID Privacy Using Spatially Distributed Shared Secrets. In: Ichikawa, H., Cho, WD., Satoh, I., Youn, H.Y. (eds) Ubiquitous Computing Systems. UCS 2007. Lecture Notes in Computer Science, vol 4836. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-76772-5_1
Download citation
DOI: https://doi.org/10.1007/978-3-540-76772-5_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-76771-8
Online ISBN: 978-3-540-76772-5
eBook Packages: Computer ScienceComputer Science (R0)