Current work in RFID security focuses mainly on authentication and privacy preserving identification. In this paper, we discuss the possibility of widening the scope of RFID security by introducing a new application scenario. The application we propose aims at collecting statistics on some attributes. The main requirement is to perform this operation without violating the privacy of the holders of tags. In order to do so, we combine homomorphic encryption and aggregation at the readers to ensure the privacy of the data stored on tags and re-encryption technique to prevent tracking. AnSta is the scheme we propose to implement such an application. In AnSta, RFID tags store an encrypted form of the values of the targeted attributes. The readers scan tags and forward the aggregate of their encrypted readings to the back-end server. The back-end server then decrypts the aggregates it receives and updates the global statistics accordingly. AnSta is provably privacy-preserving. Moreover, tags can be very simple, they are not required to perform any kind of computation, but only to assure the storage of a few short messages.
AnSta : anonymous statistics using RFID tags
Cryptology ePrint Archive : Report 2009/481, September 2009
PERMALINK : https://www.eurecom.fr/publication/2905