Privacy and security in library RFID: issues, practices, and architectures
Proceedings of the 11th ACM conference on Computer and communications security
Quantitative evaluation of unlinkable ID matching schemes
Proceedings of the 2005 ACM workshop on Privacy in the electronic society
YA-TRAP: Yet Another Trivial RFID Authentication Protocol
PERCOMW '06 Proceedings of the 4th annual IEEE international conference on Pervasive Computing and Communications Workshops
Towards an information theoretic metric for anonymity
PET'02 Proceedings of the 2nd international conference on Privacy enhancing technologies
Optimal key-trees for tree-based private authentication
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
Reducing time complexity in RFID systems
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
IEEE Transactions on Information Theory
Improved Privacy of the Tree-Based Hash Protocols Using Physically Unclonable Function
SCN '08 Proceedings of the 6th international conference on Security and Cryptography for Networks
rfidDOT: RFID delegation and ownership transfer made simple
Proceedings of the 4th international conference on Security and privacy in communication netowrks
Performance analysis of the simple lightweight authentication protocol
Proceedings of the 7th International Conference on Advances in Mobile Computing and Multimedia
Review: Privacy versus scalability in radio frequency identification systems
Computer Communications
Tree-based RFID authentication protocols are definitively not privacy-friendly
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
ACISP'12 Proceedings of the 17th Australasian conference on Information Security and Privacy
Simple Lightweight Authentication Protocol: Security and Performance Considerations
International Journal of Business Data Communications and Networking
Improved anonymity for key-trees
RFIDSec'12 Proceedings of the 8th international conference on Radio Frequency Identification: security and privacy issues
Personal and Ubiquitous Computing
Hi-index | 0.00 |
Radio Frequency Identification (RFID) systems promise large scale, automated tracking solutions but also pose a threat to customer privacy. The tree-based hash protocol proposed by Molnar and Wagner presents a scalable, privacy-preserving solution. Previous analyses of this protocol concluded that an attacker who can extract secrets from a large number of tags can compromise privacy of other tags. We propose a new metric for information leakage in RFID protocols along with a threat model that more realistically captures the goals and capabilities of potential attackers. Using this metric, we measure the information leakage in the tree-based hash protocol and estimate an attacker's probability of success in tracking targeted individuals, considering scenarios in which multiple information sources can be combined to track an individual. We conclude that an attacker has a reasonable chance of tracking tags when the tree-based hash protocol is used.