RFID tag and reader


May 2009 - EC Recommendation on RFID Privacy and Security stated that:
              "privacy and information security features should be built into
               RFID applications .."

RFID systems can be used for automatic identification and comprise a tag that is placed within an object, and a reader, which can automatically retrieve information stored on the tag. This technology is currently used for access control, inventory control, product tracking, in some passports and many believe that RFID tags may even replace the barcode.

However, the fact that RFID systems involve contactless communication, are non line-of-sight and that tags broadcast information, raises significant security concerns including violation of privacy, consumer tracking and product forgery. Providing security for tags is very difficult due to limitations in terms of area, power and response time. Therefore, the use of strong security techniques, such as asymmetric encryption, is routinely dismissed.

The objective of this research is to investigate suitable cryptographic architectures for low resource, low power applications such as RFID. Research work has been conducted in collaboration with Dr Matt Robshaw, France Telecom R&D. To date, this has led to the successful design of a public key authentication architecture that can be used to prevent tag forgery and which adequately meets the power, area and timing requirements imposed by RFID tags.