Security of an RFID Protocol for Supply Chains

Ton van Deursen, Saša Radomirović

Research output: Chapter in Book/Report/Conference proceedingConference contribution

15 Citations (Scopus)
246 Downloads (Pure)

Abstract

We report on the security claims of an RFID authentication protocol by Li and Ding which was specifically designed for use in supply chains. We show how the protocol's vulnerabilities can be used to track products, relate incoming and outgoing products, and extort supply chain partners. Starting from a discussion of the relevant security requirements for RFID protocols in supply chains, we proceed to illustrate several shortcomings in the protocol with respect to mutual authentication, unlinkability, and desynchronization resistance. We investigate the use of the xor operator in the protocol, suggest possible improvements, and point out flaws in the proofs of the security claims.

Original languageEnglish
Title of host publicationProceedings of the ICEBE 2008 IEEE International Conference on e-Business Engineering; AiR 2008 IEEE International Workshop on Advances in RFID; EM2I 2008 IEEE International Workshop on E-Marketplace Integration and Interoperability; SOAIC 2008 IEEE International Workshop on Service-Oriented Applications, Integration and Collaboration; SOKM 2008 IEEE International Workshop on Service-Oriented Knowledge Management; BIMA 2008 IEEE International Workshop on Business Intelligence Methodologies and Applications; DKEEE 2008 IEEE International Workshop on Data and Knowledge Engineering for E-service and E-business, October 22-24, 2008 Xi’an, China
EditorsJen-Yao Chung, Muhammad Younas
Place of PublicationPiscataway
PublisherInstitute of Electrical and Electronics Engineers
Pages568-573
Number of pages6
ISBN (Print)9780769533957
DOIs
Publication statusPublished - 2008
Event2008 IEEE International Conference on E-Business Engineering - Nan Yang Hotel located in the south of Xi'an JiaoTong University, Xi'an, China
Duration: 22 Oct 200824 Oct 2008
http://conferences.computer.org/icebe/2008/index.htm (Link to Conference website)

Conference

Conference2008 IEEE International Conference on E-Business Engineering
Abbreviated titleICEBE 2008
Country/TerritoryChina
CityXi'an
Period22/10/0824/10/08
Internet address

ASJC Scopus subject areas

  • Management of Technology and Innovation
  • Computer Networks and Communications
  • Software

Fingerprint

Dive into the research topics of 'Security of an RFID Protocol for Supply Chains'. Together they form a unique fingerprint.

Cite this