Ecole d'ingénieur et centre de recherche en Sciences du numérique

PSP : private and secure payment with RFID

Blass, Erik-Oliver;Kurmus, Anil;Molva, Refik;Strufe, Thorsten

WPES 2009, 8th ACM Workshop on Privacy in the Electronic Society, November 9, 2009, Hyatt Regency, Chicago, USA

    RFID can be used for a variety of applications, e.g., to conveniently pay for public transportation. However, achieving security and privacy of payment is challenging due to the extreme resource restrictions of RFID tags. In this paper, we propose PSP -- a secure, RFID-based protocol for privacy-preserving payment. Similar to traditional electronic cash, the user of a tag can pay access to a metro using his tag and so called coins of a virtual currency. With PSP, tags do not need to store valid coins, but generate them on the fly. Using Bloom filters, readers can verify the validity of generated coins offline. PSP guarantees privacy such that neither the metro nor an adversary can reveal the identity of a user or link subsequent payments. PSP is secure against invention and overspending of coins, and can reveal the identity of users trying to doublespend coins. Still, PSP is lightweight: it requires only a hash function and few bytes of non-volatile memory the tag.    

Document Doi Bibtex

Titre:PSP : private and secure payment with RFID
Mots Clés:RFID, Payment, Privacy, Security, Ecash
Type:Conférence
Langue:English
Ville:Chicago
Pays:ÉTATS-UNIS
Date:
Département:Sécurité numérique
Eurecom ref:2877
Copyright: © ACM, 2009. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in WPES 2009, 8th ACM Workshop on Privacy in the Electronic Society, November 9, 2009, Hyatt Regency, Chicago, USA http://dx.doi.org/10.1145/1655188.1655196
Bibtex: @inproceedings{EURECOM+2877, doi = { http://dx.doi.org/10.1145/1655188.1655196}, year = {2009}, title = {{PSP} : private and secure payment with {RFID}}, author = {{B}lass, {E}rik-{O}liver and {K}urmus, {A}nil and {M}olva, {R}efik and {S}trufe, {T}horsten }, booktitle = {{WPES} 2009, 8th {ACM} {W}orkshop on {P}rivacy in the {E}lectronic {S}ociety, {N}ovember 9, 2009, {H}yatt {R}egency, {C}hicago, {USA}}, address = {{C}hicago, {\'{E}}{TATS}-{UNIS}}, month = {11}, url = {http://www.eurecom.fr/publication/2877} }
Voir aussi: