Ecole d'ingénieur et centre de recherche en Sciences du numérique

ROTIV : RFID ownership transfer with issuer verification

Elkhiyaoui, Kaoutar; Blass, Erik-Oliver; Molva, Refik

RFIDSEC 2011, 7th Workshop on RFID Security and Privacy 2011, June 26-28, 2011, Amherst, Massachusetts, USA / Also published in Springer "LCNS", 2012, Volume 7055/2012

RFID tags travel between partner sites in a supply chain. For privacy reasons, each partner owns the tags present at his site, i.e., the owner is the only entity able to authenticate his tags. When passing tags on to the next partner in the supply chain, ownership of the old partner is transferred to the new partner. In this paper, we propose ROTIV, a protocol that allows secure ownership transfer against malicious owners. ROTIV offers as well issuer verification to prevent malicious partners from injecting fake tags not originally issued by some trusted party. As part of ownership transfer, ROTIV provides a constant-time, privacy-preserving authentication. ROTIV's main idea is to combine an HMAC-based authentication with public key encryption to achieve constant time authentication and issuer verification. To assure privacy, ROTIV implements key update techniques and tag state re-encryption techniques, performed on the reader. ROTIV is especially designed for lightweight tags which are only required to evaluate a hash function.  

Document Doi Bibtex

Titre:ROTIV : RFID ownership transfer with issuer verification
Type:Conférence
Langue:English
Ville:Amherst
Pays:ÉTATS-UNIS
Date:
Département:Sécurité numérique
Eurecom ref:3428
Copyright: © Springer. Personal use of this material is permitted. The definitive version of this paper was published in RFIDSEC 2011, 7th Workshop on RFID Security and Privacy 2011, June 26-28, 2011, Amherst, Massachusetts, USA / Also published in Springer "LCNS", 2012, Volume 7055/2012 and is available at : http://dx.doi.org/10.1007/978-3-642-25286-0_11
Bibtex: @inproceedings{EURECOM+3428, doi = {http://dx.doi.org/10.1007/978-3-642-25286-0_11}, year = {2011}, title = {{ROTIV} : {RFID} ownership transfer with issuer verification}, author = {{E}lkhiyaoui, {K}aoutar and {B}lass, {E}rik-{O}liver and {M}olva, {R}efik}, booktitle = {{RFIDSEC} 2011, 7th {W}orkshop on {RFID} {S}ecurity and {P}rivacy 2011, {J}une 26-28, 2011, {A}mherst, {M}assachusetts, {USA} / {A}lso published in {S}pringer "{LCNS}", 2012, {V}olume 7055/2012}, address = {{A}mherst, {\'{E}}{TATS}-{UNIS}}, month = {06}, url = {http://www.eurecom.fr/publication/3428} }
Voir aussi: