ABSTRACT
CONTENTS 5.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 5.2 Premier RFID Authentication and Privacy Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
5.2.1 Tag “Killing” Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128 5.2.2 Cryptography Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
5.3 RFID Privacy Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 5.3.1 Faraday’s Cage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 5.3.2 Active Jamming Device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130 5.3.3 Blocker Tag . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
5.4 RFID Protocols Based on Hash Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 5.4.1 Hash Lock: The Original Hash Function-Based Approach . . . . . . . . . . . . . 132 5.4.2 Tree-Based Approaches . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134 5.4.3 HashTree: A Dynamic Key-Updating Approach . . . . . . . . . . . . . . . . . . . . . . . 135
5.5 Other RFID Authentication and Privacy Protocols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138 5.5.1 Minimalist Cryptography . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 5.5.2 RFIDGuard: An Authentication and Privacy Protocol Designed for
Passive RFID Tags . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140 5.6 Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143 References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
Radio frequency identification (RFID) tags are cheap, simple devices that can store unique identification information and perform simple computation to keep better inventory of packages. This feature provides a significant advantage over barcodes, allowing them to be used in applications throughout various fields such as inventory tracking, supply chain management, theft-prevention, and the like. However, unlike barcodes, these tags have a longer range in which they are allowed to be scanned, subjecting them to unauthorized scanning by malicious readers and to various attacks, including cloning. Therefore, a security protocol for RFID tags is needed to ensure privacy and authentication between each tag and their reader. This chapter provides a general look over various security approaches created in recent years. These approaches include separate devices that were developed to protect an RFID tag and low-computation algorithmic protocols developed within the tag itself, two of which were developed by the authors of this chapter. The chapter is concluded by discussing the future direction of RFID security and some open research issues concerning its field of study.
