A Simple Privacy Protecting Scheme Enabling Delegation and Ownership Transfer for RFID Tags

Fouladgar, Sepideh; Afifi, Hossam

doi:10.4304/jcm.2.6.6-13

Cited by 34 publications

(14 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Secure ownership transfer protocols can be broadly classified as schemes that rely on a trusted intermediary (trusted third party (TTP)) [22,23] and schemes that do not [21,24]. In the former, ownership transfer is achieved based on shared secrets between the TTP, the servers and the tag.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Secure ownership transfer for multi-tag multi-owner passive RFID environment with individual-owner-privacy

Sundaresan

Doss

Zhou

et al. 2015

Computer Communications

View full text Add to dashboard Cite

Section: Related Workmentioning

confidence: 99%

“…Fouldagar and Afifi [24] propose two privacy preserving schemes for ownership transfer based on hash functions and symmetric key cryptographic functions. As noted earlier the use of hash function or keyed encryption functions is not in compliance with EPC C1G2 standard.…”

Section: Related Workmentioning

confidence: 99%

Secure ownership transfer for multi-tag multi-owner passive RFID environment with individual-owner-privacy

Sundaresan

Doss

Zhou

et al. 2015

Computer Communications

View full text Add to dashboard Cite

“…While a considerable body of research has been focused on securing tag transactions, only a few consider the concept of delegation like in [15][16][17][18][19]. In this paper, we firstly describe an architecture for a basic RFID delegation protocol and then analyze the security of a recent RFID delegation protocol, which we call SMD (Song Mitchell Delegation) due to name of the authors [15] under this model.…”

Section: Introductionmentioning

confidence: 99%

Security flaws in a recent RFID delegation protocol

Erguler

Anarım

2011

Pers Ubiquit Comput

View full text Add to dashboard Cite

Radio frequency identification (RFID) tag delegation enables a centralized back-end server to delegate the right to identify and authenticate a tag to specified readers. This should be used to mitigate the computational load on the server side and also to solve the issues in terms of latency and dependency on network connectivity. In this study, we describe a basic RFID delegation architecture and then under this model, we investigate the security of an RFID delegation protocol: Song Mitchell delegation (SMD), which is recently proposed by Song and Mitchell. We point out security flaws that have gone unnoticed in the design and present two attacks namely, a tag impersonation attack and a desynchronization attack against it. We also discover a subtle flaw by which a delegated entity can still keep its delegation rights after the expire of them-this infringes security policy of the scheme. More precisely, we show that the protocol will be still vulnerable to previously mentioned attacks, even if the back-end server ends the delegation right of a delegated reader and update the secrets of the delegated tags. To counteract such flaws, we improve the SMD protocol with a stateful variant so that it provides the claimed security properties.

show abstract

“…Solutions based on symmetric encryption have also been proposed by Fouladgar and Afifi [15] and Koralalage et al [16]. Finally, one of the most recent protocols in this area is due to Dimitriou [17].…”

Section: Related Workmentioning

confidence: 99%

Secure Ownership and Ownership Transfer in RFID Systems

Deursen

Mauw

Radomirović

et al. 2009

Computer Security – ESORICS 2009

View full text Add to dashboard Cite

Abstract. We present a formal model for stateful security protocols. This model is used to define ownership and ownership transfer as concepts as well as security properties. These definitions are based on an intuitive notion of ownership related to physical ownership. They are aimed at RFID systems, but should be applicable to any scenario sharing the same intuition of ownership. We discuss the connection between ownership and the notion of desynchronization resistance and give the first formal definition of the latter. We apply our definitions to existing RFID protocols, exhibiting attacks on desynchronization resistance, secure ownership, and secure ownership transfer.

show abstract

A Simple Privacy Protecting Scheme Enabling Delegation and Ownership Transfer for RFID Tags

Cited by 34 publications

References 15 publications

Secure ownership transfer for multi-tag multi-owner passive RFID environment with individual-owner-privacy

Secure ownership transfer for multi-tag multi-owner passive RFID environment with individual-owner-privacy

Security flaws in a recent RFID delegation protocol

Secure Ownership and Ownership Transfer in RFID Systems

Contact Info

Product

Resources

About