RFID security and privacy : concepts, protocols, and architectures

✍ Scribed by Henrici, Dirk

Publisher: Springer
Year: 2008
Tongue: English
Leaves: 275
Series: Lecture notes in electrical engineering 17
Category: Library

No coin nor oath required. For personal study only.

✦ Synopsis

In the beginning of 2003, I found a short article about the privacy implications of RFID technology in a newspaper. It raised my interest, and after reading some early research papers on the topic, I thought: “There must exist better solutions. ” I c- cerned myself with the topic in my spare time. After having developed my rst - lutions, I asked my supervisor, Prof. Dr. Paul Muller ¨ , whether I could write a paper about my results. As the topic did not t into any running project or at least the overall research directions of his group, he could have answered no. But instead, he encouraged me to do it. The paper became a success, and many other papers about new concepts and solutions followed. Now the answer is obvious: There exist better solutions. I have dealt with the topic over the past years. Now I want to share the basics as well as current research results with the reader. This book is surely not a bedside reading. But with all the presented concepts, it can broaden the mind of the reader concerning security,privacy, and RFIDsystems. Iwishthe reader many new insights. There are many people I would like to thank. First of all, my thanks go to my ¨ supervisor, Prof. Dr. Paul Muller. He gave me room for creativity and plenty of rope to work on my own

✦ Table of Contents

Content: Cover --
Contents --
Outline --
1 Motivation and Vision --
2 Fundamentals --
2.1 RFID --
2.1.1 History --
2.1.2 Tags --
2.1.3 RFID Readers --
2.1.4 RFID Communication --
2.1.5 Backend/Middleware --
2.1.6 Overall System --
2.1.7 Summary --
2.2 Security --
2.2.1 Properties of Secure Systems --
2.2.2 Safeguards --
2.2.3 Security by Design --
2.2.4 Security Summary --
2.3 Privacy --
2.3.1 Historical Overview --
2.3.2 Defining Privacy --
2.3.3 The Importance of Privacy --
2.3.4 Privacy Today --
2.3.5 Current Development --
2.3.6 Perception of Privacy --
2.3.7 Regulation Approaches --
2.3.8 Design Guidelines for Technical Regulation --
2.3.9 Privacy Summary --
2.4 Cryptographic Primitives --
2.4.1 Symmetric-Key Cryptography --
2.4.2 Public-Key Cryptography --
2.4.3 Hash Functions --
2.4.4 Random Number Generation --
2.4.5 Implementation Considerations --
2.4.6 Cryptographic Primitives Summary --
2.5 Summary --
3 Analysis and Modeling --
3.1 Motivating Examples --
3.2 Threats --
3.3 Goals --
3.4 Challenges --
3.5 Attacker Capabilities --
3.6 Attacks on RFID Systems --
3.7 Current Situation --
3.7.1 Regulation Approaches --
3.7.2 Assessment of EPC and Gen II Tags --
3.8 Assessment of RFID Security and Privacy --
3.9 Summary --
4 Securing RFID Systems --
4.1 Data Management --
4.2 Discussion of Security and Privacy Goals --
4.3 Overview of Functionality Regarding Tags --
4.4 Implementation Considerations --
4.4.1 Limitations for Implementation --
4.4.2 Primitives for Implementation --
4.5 Discussion of Basic Functionality --
4.5.1 Identification --
4.5.2 Authentication --
4.5.3 Modification --
4.6 Additional Building Blocks --
4.6.1 Distinguishing Different Tag States --
4.6.2 Evaluating Lower Layer Information --
4.6.3 Alternative Communication Channels --
4.7 Evaluation Criteria --
4.8 Hash-based ID Variation --
4.8.1 Basic Concepts --
4.8.2 Protocol Realization --
4.8.3 Security Analysis --
4.8.4 Variants --
4.8.5 Evaluation --
4.8.6 Hash-based ID Variation Summary --
4.9 Summary --
5 Pseudonymization Infrastructures --
5.1 Motivation --
5.2 Basic Idea for Addressing the Problem --
5.3 Pseudonymization: Introduction and Related Work --
5.4 Definition of Requirements and Common Concepts --
5.5 Attack Targets and Attacker Capabilities --
5.6 Approach Based on Asymmetric Encryption --
5.7 Basic Approach Based on Hash Functions --
5.8 Advanced Approach Based on Hash Functions --
5.9 Hash Collisions and Pseudonym Shortening in Hash-Based Approaches --
5.10 Summary --
6 Extending the RFID System Model --
6.1 Classic RFID Model --
6.2 Untrusted Reading Entities --
6.3 Tag Bearer as Additional Entity --
6.4 Personal Manager --
6.5 Assembling the Building Blocks --
6.6 Summary --
7 Current Research --
7.1 Partial Solutions --
7.1.1 Identifier Modification Based on Triggered Hash Chains --
7.1.2 Policy Restricted Key-Value Pair Authentication --
7.2 ID-Zone Architecture --
7.2.1 Consideration of Requirements --
7.2.2 The Concept of Location Zones --
7.2.3 Device Identifiers and Certificates --
7.2.4 Basic Considerations Regarding Tag Identifiers --
7.2.5 Architectural Overview --
7.2.6 Procedure of Tag Identifier Alterati.

📜 SIMILAR VOLUMES

RFID Security and Privacy: Concepts, Pro

📁 RFID Security and Privacy: Concepts, Protocols, and Architectures (Lecture Notes Electrical Engineering)

✍ Dirk Henrici 📂 Library 📅 2008 🏛 Springer 🌐 English

The vision of a world in which privacy persists and security is ensured but the full potential of the technology is nevertheless tapped guides this work. It is argued that security and privacy can be ensured using technical safeguards if the whole RFID system is designed properly. The challenge is i

RFID: Applications, Security, and Privac

📁 RFID: Applications, Security, and Privacy

✍ Simson Garfinkel, Beth Rosenberg 📂 Library 📅 2005 🏛 Addison-Wesley Professional 🌐 English

<P><BLOCKQUOTE>“RFID is the first important technology of the twenty-first century. That’s an awesome responsibility. How can we know when and how RFID is being used? How can we make sure it is not misused? How can we exercise choice over how it affects us personally? How do we ensure it is safe? Th

RFID: applications, security, and privac

📁 RFID: applications, security, and privacy

✍ Rosenberg, Beth; Garfinkel, Simson 📂 Library 📅 2005;2006 🏛 Addison-Wesley Professional 🌐 English

Brings together contributions from stakeholder community - from RFID suppliers to privacy advocates and beyond. This book also looks beyond RFID, reviewing the privacy implications of Wi-Fi, Bluetooth, smart cards, biometrics, new cell-phone networks, and the ever-evolving Internet.

RFID and Sensor Networks: Architectures,

📁 RFID and Sensor Networks: Architectures, Protocols, Security, and Integrations (Wireless Networks and Mobile Communications)

✍ Yan Zhang, Laurence T. Yang, Jiming Chen 📂 Library 📅 2009 🌐 English

RFID Handbook: Applications, Technology,

📁 RFID Handbook: Applications, Technology, Security, and Privacy

✍ Syed A. Ahson, Mohammad Ilyas 📂 Library 📅 2008 🌐 English

RFID Handbook: Applications, Technology,

📁 RFID Handbook: Applications, Technology, Security, and Privacy

✍ Syed A. Ahson 📂 Library 📅 2008 🏛 CRC Press 🌐 English

Radio Frequency Identification (RFID) tagging is now used by the department of defense and many of the world’s largest retailers including Wal-Mart. As RFID continues to infiltrate industries worldwide, organizations must harness a clear understanding of this technology in order to maximize its pote