RFID Security: Cryptography and Physics Perspectives

Abstract

In this chapter, we provide an overview of mechanisms that are cheap to implement or integrate into RFID tags and that at the same time enhance their security and privacy properties. We emphasize solutions that make use of existing (or expected) functionality on the tag or that are inherently cheap and thus enhance the privacy friendliness of the technology “almost” for free. Technologies described include the use of environmental information (presence of light, temperature, humidity, etc.) to disable or enable the RFID tag, the use of delays to reveal parts of a secret key at different moments in time (this key is used to later establish a secure communication channel), and the idea of a “sticky tag,” which can be used to re-enable a disabled (or killed) tag whenever the user considers it to be safe. We discuss the security and describe usage scenarios for all solutions. Finally, we summarize previous works that use physical principles to provide security and privacy in RFID systems and the security-related functionality in RFID standards.