Feasible Privacy for Lightweight RFID Systems

David Evans
Security and Privacy Applied Research Seminar
Johns Hopkins University
Baltimore, MD
17 October, 2007


Ubiquitous electronic labels present new privacy perils including individual tracking, behavior profiling, and corporate espionage. Passive RFID tags raise particularly serious privacy issues since they can be read silently from a distance, and are cheap and small enough to be embedded in many items an individual carries. Several protocols have been proposed for privacy protection in identification systems, but they rely on cryptographic hash functions that cannot be implemented on passive RFID tags. In this talk, I will present a new perspective on evaluating the privacy threat posed by RFID systems that uses an information-theoretic measure of privacy loss in the presence of a sophisticated, but rational, attacker. I will introduce ideas for actually implementing privacy protocols within the severe power constraints of RFID tags. Our analysis leads to the definition of a new type of hash function we call a "private hash function". I will describe a simple, abstract design that fulfills the requirements of a private hash function, and present a candidate instantiation of the design we propose. Our implementation is small enough to fit on RFID tags and is resistant to known cryptanalytic techniques.

This talk describes work primarily done by PhD student Karsten Nohl.

David Evans is an Associate Professor at the University of Virginia and Director of the College of Arts & Sciences Major in Computer Science. He has SB, SM and PhD degrees in Computer Science from MIT. His research interests include program analysis, security through diversity, exploiting properties of the physical world for security, and applications of cryptography. For more information, see http://www.cs.virginia.edu/evans/

Slides: [PPT] [PDF (6 up)]

Related Papers:

Karsten Nohl and David Evans. Privacy through Noise: A Design Space for Private Identification. 2009 Annual Computer Security Applications Conference (ACSAC), Honolulu, Hawaii, 7-11 December 2009. (Paper: PDF, 10 pages)

Karsten Nohl and David Evans. Quantifying Information Leakage in Tree-Based Hash Protocols (short paper). Eighth International Conference on Information and Communications Security (ICICS). Raleigh, North Carolina, December 2006. (Paper: PDF, 10 pages; Technical Report (UVA-CS-2006-20): PDF, 12 pages)