TY - GEN
T1 - Secure RFID ownership transfer protocols
AU - Li, Nan
AU - Mu, Yi
AU - Susilo, Willy
AU - Varadharajan, Vijay
PY - 2013
Y1 - 2013
N2 - An RFID tag could change hands many times during its lifetime. In a retail chain, the ownership of the tag is instituted by the supplier who initially owns the tag. In the view of a buyer, the validity of the current tag ownership and the originality of supplier are most important. In typical RFID ownership transfer protocols, the knowledge of the tag's authentication key proves the ownership. However, it is insufficient against an active attacker, since tags are usually lack of tamper-proof protections. Ownership transfer relies on a successful verification of tag's supplier and current ownership. In this paper, we formally define the security model of ownership transfer protocols and propose a secure ownership transfer protocol. In our scheme, current owner provides a new owner with the evidence of transfer and a proof of tag origin. Key management becomes easy in our system, since the one asymmetric verification key of the owner can be used to verify multiple tags that belong to the owner.
AB - An RFID tag could change hands many times during its lifetime. In a retail chain, the ownership of the tag is instituted by the supplier who initially owns the tag. In the view of a buyer, the validity of the current tag ownership and the originality of supplier are most important. In typical RFID ownership transfer protocols, the knowledge of the tag's authentication key proves the ownership. However, it is insufficient against an active attacker, since tags are usually lack of tamper-proof protections. Ownership transfer relies on a successful verification of tag's supplier and current ownership. In this paper, we formally define the security model of ownership transfer protocols and propose a secure ownership transfer protocol. In our scheme, current owner provides a new owner with the evidence of transfer and a proof of tag origin. Key management becomes easy in our system, since the one asymmetric verification key of the owner can be used to verify multiple tags that belong to the owner.
UR - http://www.scopus.com/inward/record.url?scp=84883426672&partnerID=8YFLogxK
U2 - 10.1007/978-3-642-38033-4_14
DO - 10.1007/978-3-642-38033-4_14
M3 - Conference proceeding contribution
AN - SCOPUS:84883426672
SN - 9783642380327
VL - 7863
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 189
EP - 203
BT - Information Security Practice and Experience - 9th International Conference, ISPEC 2013, Proceedings
A2 - Deng, Robert H.
A2 - Feng, Tao
PB - Springer, Springer Nature
CY - Heidelberg
T2 - 9th International Conference on Information Security Practice and Experience, ISPEC 2013
Y2 - 12 May 2013 through 14 May 2013
ER -