Feasible Privacy for Lightweight RFID Systems
David Evans
Department of Computer Science
University of Virginia
Abstract
Ubiquitous electronic labels present new privacy perils
including individual tracking, behavior profiling, and
corporate espionage. Passive RFID tags raise particularly
serious privacy issues since they can be read silently from a
distance, and are cheap and small enough to be embedded in
many items an individual carries. Several protocols have
been proposed for privacy protection in identification
systems, but they rely on cryptographic hash functions that
cannot be implemented on passive RFID tags. In this talk, I
will present a new perspective on evaluating the privacy
threat posed by RFID systems that uses an
information-theoretic measure of privacy loss in the presence
of a sophisticated, but rational, attacker. I will introduce
ideas for actually implementing privacy protocols within the
severe power constraints of RFID tags. Our analysis leads to
the definition of a new type of hash function we call a
"private hash function". I will describe a simple, abstract
design that fulfills the requirements of a private hash
function, and present a candidate instantiation of the design
we propose. Our implementation is small enough to fit on
RFID tags and is resistant to known cryptanalytic
techniques.
This talk describes work primarily done by PhD student
Karsten Nohl.
Biography
David Evans is an Associate Professor at the University of
Virginia and Director of the College of Arts & Sciences Major
in Computer Science. He has SB, SM and PhD degrees in
Computer Science from MIT. His research interests include
program analysis, security through diversity, exploiting
properties of the physical world for security, and
applications of cryptography. For more information, see
http://www.cs.virginia.edu/evans/