Please use this identifier to cite or link to this item:

Dynamic key-updating: Privacy-preserving authentication for RFID systems

Authors Lu, L. HKUST affiliated (currently or previously)
Han, J. HKUST affiliated (currently or previously)
Hu, L.
Liu, Y. View this author's profile
Ni, L.M. View this author's profile
Issue Date 2006
Source Proceedings - Fifth Annual IEEE International Conference on Pervasive Computing and Communications, PerCom 2007 , 2006, p. 13-22
Summary The objective of private authentication for Radio Frequency Identification (RFID) systems is to allow valid readers to explicitly authenticate their dominated tags without leaking tags' private information. To achieve this goal, RFID tags issue encrypted authentication messages to the RFID reader, and the reader searches the key space to locate the tags. Due to the lack of efficient key updating algorithms, previous schemes are vulnerable to many active attacks, especially the compromising attack In this paper, we propose a Strong and lightweight RFID Private Authentication protocol, SPA. By designing a novel key updating method, we achieve the forward secrecy in SPA with an efficient key search algorithm. We also show that, compared with existing designs, SPA is able to effectively defend against both passive and active attacks, including compromising attacks. Through proto-type implementation, we observe that SPA is practical and scalable in current RFID infrastructures. © 2007 IEEE.
Rights © 2007 IEEE. Personal use of this material is permitted. However, permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists, or to reuse any copyrighted component of this work in other works must be obtained from the IEEE. This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.
Language English
Format Conference paper
Access View full-text via DOI
View full-text via Scopus
Files in this item:
File Description Size Format
SPA.pdf 286330 B Adobe PDF