Cryptology ePrint Archive: Report 2006/137

Defining Strong Privacy for RFID

Ari Juels and Stephen A. Weis

Abstract: In this work, we consider privacy in Radio Frequency IDentification (RFID) systems. Our contribution is threefold: (1) We propose a simple, formal definition of strong privacy useful for basic analysis of RFID systems, as well as a different (weaker) definition applicable to multi-verifier systems; (2) We apply our definition to reveal vulnerabilities in several proposed privacy-enhancing RFID protocols; and (3) We formally analyze and suggest improvements to ``Hash-Locks,'' one of the first privacy-enhancing RFID protocols in the literature.

Category / Keywords: foundations / RFID, privacy, definitions

Publication Info: Unpublished, work in progress

Date: received 7 Apr 2006

Contact author: sweis at mit edu

Available format(s): PDF | BibTeX Citation

Version: 20060409:192049 (All versions of this report)

Short URL: ia.cr/2006/137

Discussion forum: Show discussion | Start new discussion