Privacy and security in library RFID: issues, practices, and architectures
Proceedings of the 11th ACM conference on Computer and communications security
A Secure and Efficient RFID Protocol that could make Big Brother (partially) Obsolete
PERCOM '06 Proceedings of the Fourth Annual IEEE International Conference on Pervasive Computing and Communications
Picking Virtual Pockets using Relay Attacks on Contactless Smartcard
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
An RFID Distance Bounding Protocol
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Security analysis of a cryptographically-enabled RFID device
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Defining Strong Privacy for RFID
PERCOMW '07 Proceedings of the Fifth IEEE International Conference on Pervasive Computing and Communications Workshops
Forward-security in private-key cryptography
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Strong and robust RFID authentication enabling perfect ownership transfer
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Quantifying information leakage in tree-based hash protocols (short paper)
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
RFID guardian: a battery-powered mobile device for RFID privacy management
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Energy comparison of AES and SHA-1 for ubiquitous computing
EUC'06 Proceedings of the 2006 international conference on Emerging Directions in Embedded and Ubiquitous Computing
A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
RFID security and privacy: a research survey
IEEE Journal on Selected Areas in Communications
PSP: private and secure payment with RFID
Proceedings of the 8th ACM workshop on Privacy in the electronic society
Secure ownership and ownership transfer in RFID systems
ESORICS'09 Proceedings of the 14th European conference on Research in computer security
Vulnerabilities in some recently proposed RFID ownership transfer protocols
IEEE Communications Letters
An agent based back-end RFID tag management system
TrustBus'10 Proceedings of the 7th international conference on Trust, privacy and security in digital business
EC-RAC: enriching a capacious RFID attack collection
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
Practical RFID ownership transfer scheme
Journal of Computer Security - 2010 Workshop on RFID Security (RFIDSec'10 Asia)
Controlled delegation protocol in mobile RFID networks
EURASIP Journal on Wireless Communications and Networking
CHECKER: on-site checking in RFID-based supply chains
Proceedings of the fifth ACM conference on Security and Privacy in Wireless and Mobile Networks
A scalable RFID authentication protocol supporting ownership transfer and controlled delegation
RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
ROTIV: RFID ownership transfer with issuer verification
RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
PUF-Based RFID authentication protocol against secret key leakage
APWeb'12 Proceedings of the 14th Asia-Pacific international conference on Web Technologies and Applications
PSP: Private and secure payment with RFID
Computer Communications
| Hi-index | 0.01 |
In this work we introduce rfidDOT, a protocol for secure access, delegation and ownership transfer of tags along with a model for formally defining privacy in such an environment. As current RFID tags emit constant identifiers that may help in identifying user habits and tracking of people, rfidDOT allows a user to securely own tagged products. Once a person becomes the owner of such an item, no one can have access to the tag nor find any information about it. Thus user privacy is guaranteed. Additionally, the protocol is secure against such attacks as tag cloning, tag/reader spoofing, eavesdropping, desynchronization and so on. Furthermore, since we don't expect a tagged item to stay with same owner forever, we provide the means to achieve ownership transfer and release without compromising the privacy of future or past owners. And in the unlikely case where user privacy is compromised, it can be restored in a simple and intuitive manner. Thus rfidDOT achieves a very strong notion of security that is necessary in RFID ownership transfer: forward and backward privacy.