Password Management for EPC Class 1 Generation 2 Transponders

Author

Wonnemann, Claus ; Struker, Jens

Author_Institution

Deptartment of Telematics, Albert-Ludwigs-Univ. Freiburg, Freiburg

fYear

2008

fDate

21-24 July 2008

Firstpage

29

Lastpage

35

Abstract

RFID systems compliant to the widely-used standard EPC class 1 generation 2 lack effective security mechanisms. We show that passwords used to protect critical functionality can be obtained by attackers with only moderate effort. Since more capable systems are not likely to replace the current standard in the medium term, it is crucial to embed the deployment of RFID technology into IT-ecosystems that ensure a minimization of the potential damage caused by an attack. This objective can be achieved by using transponder-individual passwords. The associated challenge of an efficient and scalable password management remains one of most pressing problems of an enterprise-spanning RFID deployment, however. In this paper, we present two approaches for a password management infrastructure and describe their integration into a retailer´s processes.

Keywords

message authentication; product codes; radiofrequency identification; retail data processing; transponders; EPC class 1 generation 2 transponder; IT-ecosystem; RFID system; electronic product code; password management; retailer process; security mechanism; transponder-individual password; Conference management; Costs; Data security; Protection; RFID tags; Radiofrequency identification; Standards development; Supply chains; Technology management; Transponders; EPC; RFID; password management; privacy; security;

fLanguage

English

Publisher

ieee

Conference_Titel

E-Commerce Technology and the Fifth IEEE Conference on Enterprise Computing, E-Commerce and E-Services, 2008 10th IEEE Conference on

Conference_Location

Washington, DC

Print_ISBN

978-0-7695-3340-7

Type

conf

DOI

10.1109/CECandEEE.2008.98

Filename

4785044