SPAR

Security and Privacy Applied Research Lab

Feasible Privacy for Lightweight RFID Systems

David Evans
Department of Computer Science
University of Virginia

Abstract

Ubiquitous electronic labels present new privacy perils including individual tracking, behavior profiling, and corporate espionage. Passive RFID tags raise particularly serious privacy issues since they can be read silently from a distance and are cheap and small enough to be embedded in many items an individual carries. Several protocols have been proposed for privacy protection in identification systems, but they rely on cryptographic hash functions that cannot be implemented on passive RFID tags. In this talk, I will present a new perspective on evaluating the privacy threat posed by RFID systems that uses an information-theoretic measure of privacy loss in the presence of a sophisticated, but rational, attacker. I will introduce ideas for actually implementing privacy protocols within the severe power constraints of RFID tags. Our analysis leads to the definition of a new type of hash function we call a "private hash function". I will describe a simple, abstract design that fulfills the requirements of a private hash function, and present a candidate instantiation of the design we propose. Our implementation is small enough to fit on RFID tags and is resistant to known cryptanalytic techniques.

This talk describes work primarily done by PhD student Karsten Nohl.

Biography

David Evans is an Associate Professor at the University of Virginia and Director of the College of Arts & Sciences Major in Computer Science. He has SB, SM and PhD degrees in Computer Science from MIT. His research interests include program analysis, security through diversity, exploiting properties of the physical world for security, and applications of cryptography. For more information, see http://www.cs.virginia.edu/evans/