[Seth-Trips] David Molnar on RFID dangers, Stanford,
Tomorrow (Thursday)
Aaron Swartz
aaronsw at gmail.com
Wed Dec 1 18:24:52 PST 2004
http://crypto.stanford.edu/seclab/sem-04-05/molnar.html
David Molnar, Berkeley
Privacy and Security in Library RFID
We expose privacy issues related to Radio Frequency Identification
(RFID) in libraries, describe current deployments, and suggest novel
architectures for library RFID. Unlike supply-chain RFID, library RFID
requires item-level tagging, thereby raising immediate patron privacy
issues. Current conventional wisdom suggests that privacy risks are
negligible if the data on an RFID is limited to a bar code; we show
this is not the case.
We further identify private authentication as a key technical issue:
how can a reader and tag that share a secret efficiently authenticate
each other without revealing their identities to an adversary?
Previous solutions to this problem require reader work linear in the
number of tags and cryptographic primitives such as
collision-resistant hash functions or pseudo-random functions. We give
a general scheme for building private authentication with work
logarithmic in the number of tags. Finally, we discuss directions for
future work.
When: Thursday, Dec 2, 4:30p
Where: Gates 4-B
More information about the Seth-Trips
mailing list