This work was supported in part by National Science Council under the grants NSC-99-2219-E-033-001-, and by Chung Yuan Christian University under the grants CYCU-EECS.9801.
Protocol for ownership transfer across authorities: with the ability to assign transfer target†
Article first published online: 25 FEB 2011
Copyright © 2011 John Wiley & Sons, Ltd.
Security and Communication Networks
Volume 5, Issue 2, pages 164–177, February 2012
How to Cite
Yang, M. H. and Hu, H. Y. (2012), Protocol for ownership transfer across authorities: with the ability to assign transfer target. Security Comm. Networks, 5: 164–177. doi: 10.1002/sec.300
- Issue published online: 26 JAN 2012
- Article first published online: 25 FEB 2011
- MITM attack;
- mobile RFID;
- ownership transfer;
- replay attack
Radio Frequency Identification (RFID) has been widely deployed for its high capabilities in simple computation, storage, long scan distance, and simultaneous reading. With the combination of mobile devices and readers in recent years, it has been transformed to mobile RFID providing wider services for its users and mobility for its readers. E-commerce, for instance, has applied many of mobile RFID's deriving services, one of which is the transfer of a tagged item's ownership. To secure such transfer in a mobile RFID environment, we propose a new approach for ownership transfer across different authorities and prove it able to stand most threats for RFID and to prevent Denial of Service (DoS) attacks that derive from asynchrony. Another contribution in this paper is that we can assign transfer targets, which, except our scheme, can only be achieved by Yang et al.'s Cross Authority Ownership Transfer (CAOT) protocol. That scheme, however, involves heavy computation and is not suitable for lightweight tags, whereas this scheme is designed for lightweight tags and has been proved viable on low-cost passive tags and has better performance than any known ownership transfer schemes. Copyright © 2011 John Wiley & Sons, Ltd.