intranet cea
Projet rfid-ap
 
 RFID-AP
 
  Deliverables
Mentions légales
  Portal > Deliverables > Pages web > Main Focus
Main Focus

 

 
 
Modified on 04/14/2008 at 16:29

RFID-AP: RFID Authentication and Privacy

 

The widespread deployment of RFID tags is gathering pace around the world. These tags reply to the electronic prompts of a reader and can be used to store unique product identifiers such as the make and style of a piece of clothing or a unique identifier for a bottle of pharmaceuticals. As technology advances the applications for RFID tags will multiply and these tiny devices will become a ubiquitous part of our everyday life.

 

At the same time, however, it is well-known that such tags and their applications are not without risk. There are many security issues associated with the use of such devices ranging from the prevention of tag-cloning through to issues such as respecting the privacy rights of individuals.

 

The purpose of the RFID-AP project is to consider the range of security threats to applications based on the deployment of RFID-tags and to concentrate on two particular issues; those of authentication and privacy. While these are often presented as two different issues, many of the precautions we might take to protect our privacy are based on taking appropriate steps for authentication, for instance in ensuring that we only reveal tag information to a legitimate, i.e. authenticated, reader.

 

The RFID-AP project is split naturally into five work packages. The first work package surveys current practice while the last points to new and developing problems and techniques in RFID authentication and privacy.

 

The middle work packages consist of three closely-related and inter-dependent bodies of work. In one we will consider the design and implementation of low-cost cryptographic algorithms as part of a security solution. It is well-known that many cryptographic algorithms do not physically fit into the cheapest RFID tags. And yet, current research trends suggest that we can achieve more than we might expect.

 

In the second of the three middle work packages, we will consider the design and implementation of both conventional and novel protocols for RFID authentication. Just as for algorithms, conventional protocols can be too demanding in an RFID-based deployment. However there are some new techniques such as noisy tags might open new opportunities.

 

In the third work package, we concentrate on the practical and implementation aspects of both algorithms and protocols. Indeed, one of the over-arching principles of our work in RFID-AP will be that it should be practical and suited to real-world deployment.

 

The goal of RFID-AP, therefore, is to design and to prototype cryptographic algorithms and secure protocols for RFID deployment. Such algorithms and protocols could be used individually, or in combination, and our hope is that these will provide a practical and useful framework within which to apply innovative but practical techniques for device authentication and user privacy.