Abstract
RFID, which stands for Radio Frequency Identification, is a relatively new technology often envisioned as an enabler of the Internet of Things. The widespread use of this technology, however, introduces many security and privacy risks since tags contain information that can be easily obtained by anyone with a reader. Eventually this can lead to tracking of users, profiling and violation of their basic right to privacy.In this work we make an important step in providing for RFID privacy by letting users control all the tags they possess. The moment a person buys a tagged object and becomes the owner of it, no one should be able to find any information about the object or have access to the tag. We do this by developing and formalizing the notion of a key-evolving RFID system. In particular, (i) we explain how such a system can be made forward secure using pseudo-random generators and functions, (ii) we derive concrete results based on the security of the underlying primitives, and (iii), we explain how this can be realized in practice using a protocol that achieves secure ownership transfer and controlled delegation without relying on Trusted Third Parties.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
