Usability of Display-Equipped RFID Tags for Security Purposes
نویسندگان
چکیده
The recent emergence of RFID tags capable of performing public key operations has enabled a number of new applications in commerce (e.g., RFIDenabled credit cards) and security (e.g., ePassports and access-control badges). While the use of public key cryptography in RFID tags mitigates many difficult security issues, certain important usability-related issues remain, particularly when RFID tags are used for financial transactions or for bearer identification. In this paper, we focus exclusively on techniques with user involvement for secure user-to-tag authentication, transaction verification, reader expiration and revocation checking, as well as association of RFID tags with other personal devices. Our approach is based on two factors: (1) recent advances in hardware and manufacturing have made it possible to mass-produce inexpensive passive displayequipped RFID tags, and (2) high-end RFID tags used in financial transactions or identification are usually attended by a human user (namely the owner). Our techniques rely on user involvement coupled with on-tag displays to achieve better security and privacy. Since user acceptance is a crucial factor in this context, we thoroughly evaluate the usability of all considered methods through comprehensive user studies and report on our findings.
منابع مشابه
Can Jannie verify? Usability of display-equipped RFID tags for security purposes
The recent emergence of RFID tags capable of performing public key operations enables a number of new applications in commerce (e.g., RFID-enabled credit cards) and security (e.g., ePassports and access-control badges). While the use of public key cryptography in RFID tags mitigates many difficult security issues, certain important usability-related issues remain, particularly when RFID tags ar...
متن کاملReaders Behaving Badly - Reader Revocation in PKI-Based RFID Systems
Recent emergence of RFID tags capable of performing public key operations motivates new RFID applications, including electronic travel documents, identification cards and payment instruments. In this context, public key certificates form the cornerstone of the overall system security. In this paper, we argue that one of the prominent -and still woefully unaddressedchallenges is how to handle re...
متن کاملCHECK THE DATE: Reader Revocation in PKI-Based RFID Systems
One prominent open problem with RFID tags that support public key cryptography is revocation of reader certificates. This is an important issue considering that highend RFID tags are geared for public key applications such as e-documents and contactless payment instruments. Furthermore, the problem is unique to public key-based RFID systems, since tags have no clock and thus cannot use traditio...
متن کاملRFID-Tags for Anti-counterfeiting
RFID-tags are becoming very popular tools for identification of products. As they have a small microchip on board, they offer functionality that can be used for security purposes. This chip functionality makes it possible to verify the authenticity of a product and hence to detect and prevent counterfeiting. In order to be successful for these security purposes too, RFID-tags have to be resista...
متن کاملGame-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags
The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and ...
متن کامل