By Topic

Development of privacy-preserving RFID authentication system using mobile devices

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Hyeong-Chan Lee ; Department of Computer Science and Engineering, Soongsil University, Seoul, 156-743, Korea ; Jeong Hyun Yi

A mobile RFID system is a radio frequency identification technology that allows users to read the information on its tags. Systems that allow free reading of tags with mobile RFID reader devices represent a significant risk to individual privacy because unauthorized individuals may easily obtain personal information from the tags. In addition, the fixed ID values on tags can be used to track users in network segments. Although various solutions have previously been proposed to resolve this RFID privacy problem, most require numerous calculations to be performed on the tags. Therefore, these techniques require active tags with high-capacity embedded processors, which are expensive. In addition, it is not practical to apply these techniques to a mobile RFID system based on passive tags attached to devices because of not only the high price but also the bulkiness of the tags themselves. In this paper, we propose an efficient protocol for authentication, which allows transferring of the heavy calculations to the mobile reader devices, thus requiring only the resulting values to be stored on the tags. This study mainly focuses on improving the limitations of existing RFID authentication protocols, which usually assume active tags. The proposed protocol achieves the same security level and performance that can be obtained through active tags. To evaluate the performance of the proposed protocol, we implemented it using EPC Gen-2 tags, a smartphone, a UHF RF dongle, and a database. The proposed protocol meets various security requirements such as tag protection and location- and traffic-tracking prevention. The proposed protocol also meets other requirements such as lightweightness and the desired level of performance.

Published in:

ICTC 2011

Date of Conference:

28-30 Sept. 2011