Research Article
rfidDOT: RFID delegation and ownership transfer made simple
@INPROCEEDINGS{10.1145/1460877.1460921, author={Tassos Dimitriou}, title={rfidDOT: RFID delegation and ownership transfer made simple}, proceedings={4th International ICST Conference on Security and Privacy in Communication Networks}, publisher={ACM}, proceedings_a={SECURECOMM}, year={2008}, month={9}, keywords={RFID Security and Privacy Ownership Transfer Delegation Forward and Backward Security}, doi={10.1145/1460877.1460921} }- Tassos Dimitriou
Year: 2008
rfidDOT: RFID delegation and ownership transfer made simple
SECURECOMM
ACM
DOI: 10.1145/1460877.1460921
Abstract
In this work we introduce rfidDOT, a protocol for secure access, delegation and ownership transfer of tags along with a model for formally defining privacy in such an environment. As current RFID tags emit constant identifiers that may help in identifying user habits and tracking of people, rfidDOT allows a user to securely own tagged products. Once a person becomes the owner of such an item, no one can have access to the tag nor find any information about it. Thus user privacy is guaranteed. Additionally, the protocol is secure against such attacks as tag cloning, tag/reader spoofing, eavesdropping, desynchronization and so on. Furthermore, since we don't expect a tagged item to stay with same owner forever, we provide the means to achieve ownership transfer and release without compromising the privacy of future or past owners. And in the unlikely case where user privacy is compromised, it can be restored in a simple and intuitive manner. Thus rfidDOT achieves a very strong notion of security that is necessary in RFID ownership transfer: forward and backward privacy.