CRYPTO '88 Proceedings on Advances in cryptology
Untraceable off-line cash in wallet with observers
CRYPTO '93 Proceedings of the 13th annual international cryptology conference on Advances in cryptology
CT-RSA '02 Proceedings of the The Cryptographer's Track at the RSA Conference on Topics in Cryptology
Special Uses and Sbuses of the Fiat-Shamir Passport Protocol
CRYPTO '87 A Conference on the Theory and Applications of Cryptographic Techniques on Advances in Cryptology
Keying Hash Functions for Message Authentication
CRYPTO '96 Proceedings of the 16th Annual International Cryptology Conference on Advances in Cryptology
PayWord and MicroMint: Two Simple Micropayment Schemes
Proceedings of the International Workshop on Security Protocols
PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
YA-TRAP: Yet Another Trivial RFID Authentication Protocol
PERCOMW '06 Proceedings of the 4th annual IEEE international conference on Pervasive Computing and Communications Workshops
An RFID Distance Bounding Protocol
SECURECOMM '05 Proceedings of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks
Practical Attacks on Proximity Identification Systems (Short Paper)
SP '06 Proceedings of the 2006 IEEE Symposium on Security and Privacy
Mobile phone based RFID architecture for secure electronic Payments using RFID credit cards
ARES '07 Proceedings of the The Second International Conference on Availability, Reliability and Security
Defining Strong Privacy for RFID
PERCOMW '07 Proceedings of the Fifth IEEE International Conference on Pervasive Computing and Communications Workshops
Provably Secure Grouping-Proofs for RFID Tags
CARDIS '08 Proceedings of the 8th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
rfidDOT: RFID delegation and ownership transfer made simple
Proceedings of the 4th international conference on Security and privacy in communication netowrks
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
PSP: private and secure payment with RFID
Proceedings of the 8th ACM workshop on Privacy in the electronic society
Anonymizer-Enabled Security and Privacy for RFID
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Cache-, hash- and space-efficient bloom filters
WEA'07 Proceedings of the 6th international conference on Experimental algorithms
ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Vulnerabilities in first-generation RFID-enabled credit cards
FC'07/USEC'07 Proceedings of the 11th International Conference on Financial cryptography and 1st International conference on Usable Security
The F_f-Family of Protocols for RFID-Privacy and Authentication
IEEE Transactions on Dependable and Secure Computing
Practical eavesdropping and skimming attacks on high-frequency RFID tokens
Journal of Computer Security - 2010 Workshop on RFID Security (RFIDSec'10 Asia)
Strong and robust RFID authentication enabling perfect ownership transfer
ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
New proofs for NMAC and HMAC: security without collision-resistance
CRYPTO'06 Proceedings of the 26th annual international conference on Advances in Cryptology
Reducing time complexity in RFID systems
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Information confinement, privacy, and security in RFID systems
ESORICS'07 Proceedings of the 12th European conference on Research in Computer Security
Hi-index | 0.24 |
RFID can be used for a variety of applications, e.g., to conveniently pay for public transportation. However, achieving security and privacy of payment is challenging due to the extreme resource restrictions of RFID tags. In this paper, we propose PSP - a secure, RFID-based protocol for privacy-preserving payment that supports multiple different payees. Similar to traditional electronic cash, the user of a tag can pay for a service using his tag and so called coins of a virtual currency. With PSP, tags do not need to store valid coins, but generate them on the fly. Using Bloom filters, readers can verify the validity of generated coins offline. PSP guarantees privacy such that neither payees nor an adversary can reveal the identity of a user or link subsequent payments. PSP is secure against invention and overspending of coins, and can reveal the identity of users trying to double spend coins. Still, PSP is lightweight: it requires only a hash function and few bytes of non-volatile memory on the tag.