Abstract
Nowadays, the use of Radio Frequency Identification (RFID) systems in industry and stores has increased. Nevertheless, some of these systems present privacy problems that may discourage potential users. Hence, high confidence and effient privacy protocols are urgently needed. Previous studies in the literature proposed schemes that are proven to be secure, but they have scalability problems. A feasible and scalable protocol to guarantee privacy is presented in this paper. The proposed protocol uses elliptic curve cryptography combined with a zero knowledge-based authentication scheme. An analysis to prove the system secure, and even forward secure is also provided.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Ohkubo M, Suzuki K, Kinoshita S. Cryptographic approach to “Privacy-Friendly” tags. In RFID Privacy Workshop, MIT, MA, USA, November 2003.
Avoine G, Oechslin P. A scalable and provably secure hash based RFID protocol. In Proc. International Workshop on Pervasive Computing and Communication Security (PerSec 2005), Kauai Island, Hawaii, USA, IEEE, IEEE Computer Society Press, March 2005, pp.110–114.
Juels A, Pappu R. Squealing euros: Privacy protection in RFID-enabled banknotes. In Proc. Financial Cryptography (FC’03), Rebecca N Wright (ed.), Le Gosier, Guadeloupe, French West Indies, IFCA, LNCS 2742, Springer-Verlag, January 2003, pp.103–121.
Kinosita S, Hoshino F, Komuro T, Fujimura A, Ohkubo M. Nonidentifiable anonymous-ID scheme for RFID privacy protection. Joho Shori Gakkai Shinpojiumu Ronbunshu, 2003, (15): 497–502.
Lu L, Liu Y, Hu L, Han J, Ni L M. A dynamic key-updating private authentication protocol for RFID systems. In Proc. International Conference on Pervasive Computing and Communications (PerCom 2007), New York, USA, IEEE, IEEE Computer Society Press, March 2007, pp.13–22.
Juels A. RFID security and privacy: A research survey. Manuscript, September 2005.
Weis S A, Sarma S E, Rivest R L, Engels D W. Security and privacy aspects of low-cost radio frequency identification systems. In Proc. International Conference on Security in Pervasive Computing (SPC 2003), Hutter D, Müller G, Stephan W, Ullmann M (eds.), LNCS 2802, Boppard, Germany, Springer-Verlag, March 2003, pp.454–469.
860 MHz–960 MHz class I radio frequency identification tag radio frequency and logical communication interface specification proposed recommendation, version 1.0.0. Technical Report MIT-AUTOID-TR-007, Auto-ID Center, November 2002.
Molnar D, Wagner D. Privacy and security in library RFID: Issues, practices, and architectures. In Proc. Conference on Computer and Communications Security (ACM CCS), Pfitzmann B, Liu P (eds.), Washington DC, USA, ACM, ACM Press, October 2004, pp.210–219.
Koblitz N. Elliptic curve cryptosystems. Mathematics of Computation, 1987, 48: 203–209.
Miller V S. Use of elliptic curves in cryptography. In Proc. Advances in Cryptology (CRYPTO’85), LNCS 218, Springer, 1986, pp.417–426.
David Chaum, Jan-Hendrik Evertse, Jeroen van de Graaf, René Peralta. Demonstrating possession of a discrete logarithm without revealing it. In Proc. Advances in Cryptology (CRYPTO’86), Santa Barbara, USA, August 1986, pp.200–212.
Schnorr C P. Efficient signature generation by smart cards. Journal of Cryptology, January 1991, 4(3): 161–174.
Martínez S, Tomàs R, Roig C, Valls M, Moreno R. Parallel calculation of volcanoes for cryptographic uses. In Proc. the 20th IEEE International Parallel & Distributed Processing Symposium (IPDPS), Workshop on Parallel and Distributed Scientific and Engineering Computing (PDSEC), Rhodes Island, Greece, April 25–29, 2006, p.8.
Miret J, Moreno R, Sadornil D, Tena J, Valls M. An algorithm to compute volcanoes of 2-isogenies of elliptic curves over finite fields. Applied Mathematics and Computation, 2006, 176(2): 739–750.
Batina L, Guajardo J, Kerins T, Mentens N, Tuyls P, Verbauwhede I. An elliptic curve processor suitable for RFID-tags. Cryptology ePrint Archive, Report 2006/227, 2006.
SECG. SEC 2: Recommended elliptic curve domain parameters. Standards for Efficient Cryptography Group, Certicom Corp., September 2000.
Menezes A J, van Oorschot P C, Vanstone S A. Handbook of Applied Cryptography. CRC Press, 1996.
Batina L, Guajardo J, Kerins T, Mentens N, Tuyls P, Verbauwhede I. Public-key cryptography for RFID-tags. In Proc. International Workshop on Pervasive Computing and Communication Security (PerSec 2007), New York, USA, IEEE Computer Society Press, March 2007, pp.217–222.
Ward Douglas Maurer, Theodore Gyle Lewis. Hash table methods. ACM Comput. Surv., 1975, 7(1): 5–19.
Rieback M R, Crispo B, Tanenbaum A S. The evolution of RFID security. IEEE Pervasive Computing, January–March 2006, 5(1): 62–69.
Author information
Authors and Affiliations
Corresponding author
Additional information
This work is supported by the Generalitat de Catalunya under Grant No. FIC 2007FIC 00880, and the projects of the Spanish MCyT MTM2007-66842-C02-02 and TIN2006-15662-C02-02.
Rights and permissions
About this article
Cite this article
Martínez, S., Valls, M., Roig, C. et al. A Secure Elliptic Curve-Based RFID Protocol. J. Comput. Sci. Technol. 24, 309–318 (2009). https://doi.org/10.1007/s11390-009-9226-3
Received:
Revised:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11390-009-9226-3