Secure RFID ownership transfer protocols

Nan Li, Yi Mu, Willy Susilo, Vijay Varadharajan

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

3 Citations (Scopus)


An RFID tag could change hands many times during its lifetime. In a retail chain, the ownership of the tag is instituted by the supplier who initially owns the tag. In the view of a buyer, the validity of the current tag ownership and the originality of supplier are most important. In typical RFID ownership transfer protocols, the knowledge of the tag's authentication key proves the ownership. However, it is insufficient against an active attacker, since tags are usually lack of tamper-proof protections. Ownership transfer relies on a successful verification of tag's supplier and current ownership. In this paper, we formally define the security model of ownership transfer protocols and propose a secure ownership transfer protocol. In our scheme, current owner provides a new owner with the evidence of transfer and a proof of tag origin. Key management becomes easy in our system, since the one asymmetric verification key of the owner can be used to verify multiple tags that belong to the owner.

Original languageEnglish
Title of host publicationInformation Security Practice and Experience - 9th International Conference, ISPEC 2013, Proceedings
EditorsRobert H. Deng, Tao Feng
Place of PublicationHeidelberg
PublisherSpringer, Springer Nature
Number of pages15
ISBN (Print)9783642380327
Publication statusPublished - 2013
Event9th International Conference on Information Security Practice and Experience, ISPEC 2013 - Lanzhou, China
Duration: 12 May 201314 May 2013

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume7863 LNCS
ISSN (Print)03029743
ISSN (Electronic)16113349


Other9th International Conference on Information Security Practice and Experience, ISPEC 2013


Dive into the research topics of 'Secure RFID ownership transfer protocols'. Together they form a unique fingerprint.

Cite this