Skip to Main Content
In this paper we propose a novel secure tag ownership transfer scheme for closed loop RFID systems. An important property of our method is that the ownership transfer is guaranteed to be atomic and the scheme is protected against desynchronisation leading to permanent DoS. Further, it is suited to the computational constraints of EPC Class-1 Gen-2 passive RFID tags as they only use the CRC and PRNG functions that passive RFID tags are capable of. We provide a detailed security analysis to show that our scheme satisfies the required security properties of tag anonymity, tag location privacy, forward secrecy, forward untraceability while being resistant to replay, desynchronisation and server impersonation attacks. Performance comparisons show that our scheme is practical and can be implemented on passive low-cost RFID tags.