Public key cryptography based privacy preserving multi-context RFID infrastructure

This is the latest version of this item.

Official URL: http://dx.doi.org/10.1016/j.adhoc.2007.12.004

In this paper, We propose a novel approach in designing an RFID infrastructure which foresees the usage of a single RFID tag within different contexts and for multiple purposes. We regard privacy as one of the most important design issues and show that an infrastructure for multi-purpose RFID tags to be used in different contexts can be implemented in a privacy preserving manner. We address security attacks such as cryptanalytic, impersonation, tracking, replay, and relay and show that the protocols used in the proposed infrastructure are secure against them. We also introduce a new angle to privacy in RFID systems by presenting spatio-temporal attacks as an important threat against privacy. We propose a methodology to thwart or alleviate these kinds of attacks. We develop our multi-context RFID infrastructure relying on usage of public key cryptography (PKC), which presents more scalable solutions in the sense that the backend servers can identify the tags approximately 57 times (est.) faster than the best symmetric cipher based systems when there are a million tags in the system. We demonstrate that our infrastructure is feasible even with passive class 2 RFID tags and that the requirements for PKC are comparable to those other cryptographic implementations based on symmetric ciphers proposed for RFID use.