Conference PaperPDF Available

Privacy and Security in Library RFID: Issues, Practices, and Architectures


Abstract and Figures

We expose privacy issues related to Radio Frequency Identification (RFID) in libraries, describe current deployments, and suggest novel architectures for library RFID. Libraries are a fast growing application of RFID; the technology promises to relieve repetitive strain injury, speed patron self-checkout, and make possible comprehensive inventory. Unlike supply-chain RFID, library RFID requires item-level tagging, thereby raising immediate patron privacy issues. Current conventional wisdom suggests that privacy risks are negligible unless an adversary has access to library databases. We show this is not the case. In addition, we identify private authentication as a key technical issue: how can a reader and tag that share a secret efficiently authenticate each other without revealing their identities to an adversary? Previous solutions to this problem require reader work linear in the number of tags. We give a general scheme for building private authentication with work logarithmic in the number of tags, given a scheme with linear work as a sub-protocol. This scheme may be of independent interest beyond RFID applications. We also give a simple scheme that provides security against a passive eavesdropper using XOR alone, without pseudo-random functions or other heavy crypto operations.
Content may be subject to copyright.
Privacy and Security in Library RFID
Issues, Practices, and Architectures
David MolnarDavid Wagner
June 8, 2004
We expose privacy issues related to Radio Frequency Identification (RFID) in libraries,
describe current deployments, and suggest novel architectures for library RFID. Libraries are
a fast growing application of RFID; the technology promises to relieve repetitive strain injury,
speed patron self-checkout, and make possible comprehensive inventory. Unlike supply-chain
RFID, library RFID requires item-level tagging, thereby raising immediate patron privacy issues.
Current conventional wisdom suggests that privacy risks are negligible unless an adversary has
access to library databases; we show this is not the case. In addition, we identify private
authentication as a key technical issue: how can a reader and tag that share a secret efficiently
authenticate each other without revealing their identities to an adversary? Previous solutions to
this problem require reader work linear in the number of tags and cryptographic primitives such
as collision-resistant hash functions or pseudo-random functions. We give a scheme for building
private authentication with work logarithmic in the number of tags, and protocols that achieve
private authentication without expensive cryptographic primitives; we believe this scheme will
be of independent interest beyond RFID applications.
DRAFT: Please contact authors for latest version.
1 Introduction
Many libraries are starting to tag every item in their collections with radio frequency identification
(RFID) tags, raising patron privacy concerns. An RFID tag is a small, low-cost device that can
hold a limited amount of data and report that data when queried over radio by a reader. Several
libraries, such as the Santa Clara City Library in California, the University of Nevada, Las Vegas
library, and the Eugene, Oregon public library have already tagged every book, tape, CD, or
other item in their collections. In an item-level tagging regime, the ability to track tags raises the
possibility of surveillance of library patrons and their reading habits. We investigate privacy risks
in libraries’ use of RFID technology and methods for minimizing such risks. Supported by Intel OCR Fellowship.
The major driving force behind commercial deployment of RFID technology is presently logistics
and supply chain applications. The U.S. Department of Defense uses RFID to manage shipments
to armed forces worldwide. Meanwhile, several major retail chains, including WalMart, Target, and
Albertsons, have mandated that all suppliers introduce RFID. Aside from supply chain applications,
RFID technology is also found in proximity cards, car security devices, pet tracking, and other
specialized applications.
Most supply chain applications focus on tagging cases or pallets. A key question has been the
feasibility, security, and privacy of item-level tagging, in which each individual item is given its own
RFID tag. Many have raised concerns over the privacy implications of item-level tagging. Still,
item-level RFID tagging is often considered to be at least 5 or more years in the future for retail
RFID applications, due to the cost of tags, reader infrastructure, and uncertainty about near term
applications. In contrast, library RFID applications require item-level tagging, because RFIDs are
used to manage each item in a library collection. Thus, library RFID applications may be the
first major deployment of item-level tagging. This provides an interesting opportunity to study the
privacy implications of item-level RFID tagging in a concrete, real-world setting.
Our contributions are twofold. First, we survey libraries’ usage of RFID technology and analyze
the privacy risks of current deployments (Sections 2 and 3). In the process, we have discovered
several serious vulnerabilities that can compromise patrons’ privacy. For example, the lack of
appropriate access control allows tracking of people and books; the collision-avoidance protocol
used in today’s tags do not conceal tag identity; and poor key management practices threaten tag
security. This analysis shows that today’s practices and standards fail to protect patron privacy,
and vulnerabilities are present at all layers of the system.
Second, we propose new architectures for using RFID technology securely in libraries without
compromising privacy (Section 4). We identify private authentication as one of the key technical
challenges in this area. We want tags to reveal their identity to authorized RFID readers (e.g.,
those owned by the library), so that the library can track books as they are checked in and out.
For privacy, the tag must not disclose its identity until the reader has been authenticated; thus, the
reader must authenticate itself to the tag before doing anything else. Also, prudent key management
requires that each tag hold a different symmetric key. The paradox is that a legitimate reader cannot
authenticate itself until it knows which key to use, which requires knowing the tag’s identity, but
for privacy reasons the tag dares not reveal its identity to an unknown reader before that reader
has been authenticated. Nonetheless, despite the seeming impossibility of solving this problem, we
show that it is possible to reconcile these two demands. In particular, we show efficient protocols
for privacy-friendly symmetric-key authentication, which we expect will be well-suited to library
RFID applications and of interest beyond RFID.
Finally, we wrap up with a discussion of related work (Section 5) and conclude (Section 6).
2 RFID Background
A Radio Frequency Identification (RFID) tag is an electronic device that holds data. Typically
these tags are attached to an item and contain a serial number or other data associated with that
item. We will focus on passive RFID technology, in which the tag carries no power source, but
is instead powered by a radio signal from a separate RFID reader. For a detailed introduction to
RFID technology, see Finkenzeller [11].
RFID tags operate under severe restrictions compared to most personal computers, or even
most embedded systems. First, an RFID tag is powered only when within range of a reader.
This means that the tag has only an extremely limited amount of time to carry out computation.
Tag Type Example Library Example Vendors
Checkpoint WORM Santa Clara City Checkpoint
Checkpoint writeable None Checkpoint
TAGSYS C220-FOLIO U. Delaware VTLS, TechLogic
ISO 15693/18000-3 MODE 1 National U. Singapore 3M, Bibliotheca, Libramation
ISO 18000-3 MODE 2 Not yet available Coming soon
EPC Class 1 13.56MHz Not for library WalMart
EPC Class 0 915MHz Not for library WalMart
EPC Class 1 915MHz Not for library WalMart
Figure 1: Summary of current RFID types.
Pre-computation of results is impossible during times when the tag is out of range.
Second, an RFID has extremely few gates, and many of these are taken up by logic required for
basic operation. Weis et al. estimate as few as 5,000 gates are left over in a typical RFID design
for “extras” such as security [32]. In particular, symmetric encryption schemes, hash functions, or
pseudo-random functions are not possible on today’s RFID tags. In fact, tags may not even have
enough space for basic pseudo-random bit generators. Simple password comparisons and XOR
operations are all that can be expected on most current-generation RFID tags. In addition, an
RFID has almost no physical security.
Moore’s Law tells us that the number of transistors per unit silicon doubles every 18 months [25].
These extra transistors might be used to enable cryptographic primitives on tags of equal cost as
today’s tags. It is more likely, however, that economic pressures will lead manufacturers to focus
on ever-cheaper tags with a feature set similar to current-generation RFIDs. Because tags are
manufactured on a massive scale,1even a half cent difference in unit cost makes a huge impact.
RFID tags used in libraries operate on the 13.56 MHz band and are manufactured by several
companies, including Checkpoint Systems2, Texas Instruments, and TAGSYS. Checkpoint and
TAGSYS make proprietary tags, while the TI “Tag-It” platform follows the ISO 15693 standard.
ISO tags and TAGSYS tags are then resold by a variety of integrators, including 3M, TechLogic,
and VTLS. Checkpoint tags, on the other hand, are installed only by the library services division
of Checkpoint. In Figure 1 we give a table showing the most popular types of library RFID tags.
We also give example libraries where these tags are deployed, and a partial list of library RFID
vendors using each type of tag.
Recently, a new standard for RFID, ISO 18000, reached final stages of approval. ISO 18000-3
defines the physical interface and commands for 13.56 MHz tags. The 18000-3 standard is further
divided into two “MODEs.” MODE 1 is intended to be backwards compatible with the command
set defined in ISO 15693, but standardizes various elements of the RF interface. MODE 2, on
the other hand, is intended to be a next-generation RFID standard capable of supporting high-
speed data transfer and communications with large numbers of tags at once. In addition, MODE
2 tags are explicitly required to support a random number generator and a small amount of semi-
nonvolatile RAM. While MODE 2 tags are beginning to be manufactured, no library RFID vendor
currently offers them for deployment.
The EPCGlobal consortium also publishes a series of specifications for RFID tags. These tags
are aimed at supply chain markets and do not have a presence in the library setting. We note that
1At this writing, the RFID manufacturer Alien Technologies had announced plans to open a new plant in Fargo,
ND capable of providing one billion tags per year, mostly aimed at the supply chain market.
2Not the firewall company.
most previous works on RFID privacy have focused on 915MHz EPC Class 0 and Class 1 tags, and
we will discuss these tags when appropriate for comparison. We will also consider the EPC Class 1
13.56MHz tag specification. These tags also incorporate a special “kill” command that renders the
tag permanently inoperative; while the kill command is protected by password, reads and writes
are not.
The 13.56MHz tags used by libraries have several material differences from the 915MHz tags
considered for supply chain applications. First, the bandwidth available to 13.56MHz tags is strictly
limited by regulations in the US, the EU, and Japan. Second, the read range of 13.56MHz tags
is much less than that of 915MHz tags. As a result, RF air interface protocols, such as collision
avoidance, differ between 915MHz and 13.56MHz tags. We will focus in more detail on collision-
avoidance protocols in Section 3.2.
RFID tags communicate with the reader by passively modulating a radio signal broadcasted by
the reader. Because a reader is little more than a radio transceiver, this means that attackers will
be able to obtain illegitimate readers that can be used to query RFID tags from some distance.
Library RFID vendors claim that their readers can interact with tags from a distance of 2 feet (for
large sensors at library exits), and hand-held readers might work up to 8 inches away from the
tag [29, 3].3These distances are limited primarily by national regulations limiting reader power;
thus, we should be prepared for illegal readers that might have a read range several times larger.
Our observation is that a few feet of read range is sufficient for scanning people passing through
doorways and other close spaces. In fact, the sensors used to detect theft of library books look
remarkably like, and have similar read range to, the RF-based anti-theft sensors already used in
thousands of shops (see Figure 2). Later we will give more specific scenarios in which reading in
these close spaces raises privacy risks. For a detailed discussion of the physics of RFID reading, see
Reynolds [28].
Because the communication between reader and tag is wireless, there is a possibility for third
parties to eavesdrop on these signals. One unusual aspect of RFID communication is an asymmetry
in signal strength: because tags respond by passively modulating a carrier wave broadcast by the
reader, it will be much easier for attackers to eavesdrop on signals from reader to tag than on
data from tag to reader [32]. We make use of this property later, in our proposals for improved
reader-tag authentication.
Because many RFIDs may be in range of a reader at the same time, collision-avoidance protocols
must be used. The details of these protocols are often kept secret in proprietary tags. The ISO
18000 standard, however, specifies a collision-avoidance protocols for each of its two modes, as does
the EPCGlobal suite of tag protocols [18, 6, 5, 7]. These protocols require a separate identifier,
which we will call a collision-avoidance ID that may be independent of the data stored on the tag.
In Section 3.2 we show that the collision-avoidance ID can often be used to track tags.
3 Library RFID Practices and Problems
3.1 Current Library RFID Architectures
Once a library selects an RFID system, it is unlikely that anything short of catastrophe could
motivate a library to spend the money and labor required to physically upgrade the tags. Currently,
tags cost in the neighborhood of US$0.75 (exact prices are confidential and may vary widely) [3],
while readers and other equipment may cost multiple thousands of dollars.
3Compare to the 915MHz tags used in supply chain and retail applications, which in contrast can be read from a
distance of eight meters or more.
Figure 2: On the left, a Checkpoint library RFID tag. On the right, an exit gate.
Libraries make use of a bibliographic database to track circulation information about items in
a collection. Each book, upon being acquired by the library, is assigned a unique number, usually
called a bar code. There is no fixed relation between author, title, and bar code. In today’s library
RFID deployments, tags are programmed with at least the bar code. In addition, some vendors
suggest placing extra information on the tag, such as shelf location, last checked out date, author,
and title [22].
Check-out occurs at either a circulation desk or a special “self-check” machine that allows
patrons to check out their own books. In both cases, the RFID tag is read and the association
between ID number and book looked up in the bibliographic database, and the status of the book
is changed to “checked out” in the bibliographic database. Later, when the book is checked in, the
tag is read again and the bibliographic database updated.
The RFID tag also acts as a security device. Special RFID exit sensors are placed at the exit of
a library, just as most libraries today have exit sensors for magnetic strip anti-theft devices. When
a patron exits, the sensors scan for books that have not been checked out.
Depending on the vendor, the security check is achieved in at least one of two ways. One
method, used by 3M, VTLS, and Libramation among others, stores the status of the book on the
tag; a specific bit, often called a “security bit,” reveals whether the book is checked in or checked
out. It is important to note that the security bit does not necessarily affect whether the tag can be
read. The security bit must be correctly set at every check-in and check-out, or else false alarms
may be triggered. A second method, used by Checkpoint, does not store the circulation status on
the tag. Instead, the readers query the bibliographic database for the circulation status of the book
as it passes through the exit sensors; this introduces issues of latency due to query time.
Privacy concerns in today’s deployments have focused on the bibliographic database and short
range of RFID readers. Without the bibliographic database, an adversary cannot directly map a
bar code to the title and author of a book, and so cannot immediately learn the reading habits
of people scanned. Some library RFID proponents have argued that an adversary without the
database and with only short-range readers poses little to no risk. In the next section, we show
this is not the case.
3.2 Attacks on Current Architectures
In what follows, unless otherwise specified, we assume the adversary does not have access to the
bibliographic database. We do assume that the adversary has access to an RFID reader, however,
and where indicated has the power to perform passive eavesdropping or even active attacks. Our
attacks are summarized in Figure 3.
3.2.1 Detecting Tag Presence
Current do not prevent a reader from detecting a tag’s presence. Detecting a new library RFID tag
means someone or something moved a book into detection range, typically signalling the presence
of a human being. Detecting human presence enables applications such as alarm systems, adver-
tisements that respond when someone comes near, or real-time tracking of specific tags. The ability
to detect a human presence might, in some cases, be considered an infringement on that person’s
3.2.2 Static Tag Data and No Access Control
Referring to Figure 3, we see that none of today’s library RFID tags employ read passwords or
other read access control.4Because the bar code on the RFID tag never changes throughout its
lifetime, the ability to read it at will enables several privacy risks.
First, the adversary may determine which library owns the book and infer the origin of the
person carrying the book. In particular, bar codes for libraries with the Innovative bibliographic
database have well-known, geographically unique prefixes. Vendors may also place library IDs on
tags to prevent tags from one library from triggering readers at another. For example, police at
a roadblock may scan for patrons from specific city libraries in predominantly minority areas and
search them more carefully; this would raise issues of racial profiling.
Second, any static identifier can be used both to track and hotlist books. In book tracking, the
adversary tracks a book by correlating multiple observations of the book’s bar code. The adversary
may not necessarily know the title and author of the book unless the bibliographic database is
available, but the bar code can still be used to track the book’s movements. Tracking the book’s
movements may mean tracking the movements of the person in possession of that book. Combined
with video surveillance or other mechanisms, this may allow an adversary to link different people
reading the same book. In this way, an adversary can begin profiling individuals’ associations and
make inferences about a particular individual’s views, e.g. “this person checked out the same books
as a known terrorist” or “mainly younger people have been seen with this book, so this person is
In hotlisting, the adversary has a “hotlist” of books in advance that it wishes to recognize;
to determine the bar codes associated with these books, the adversary might visit the library to
read tags present on these books. Later, when the adversary reads an RFID tag, it can determine
whether that tag corresponds to a book on the hotlist. With current architectures, hotlisting is
possible; each book has a single static identifier, and this identifier never changes over the book’s
Hotlisting is problematic because it allows an adversary to gather information about an indi-
vidual’s reading habits without a court order. For example, readers could be set up at security
checkpoints in an airport, and individuals with hotlisted books set aside for special screening. For
another example, readers could be set up at the entrance to stores and used to tailor patron expe-
rience or target marketing; these readers would look almost identical to the anti-theft gates used
Hotlisting is not a theoretical attack. We recall FBI warnings regarding almanacs as an indicator
of terrorist activity [8]. We have also heard anecdotal reports from librarians that they refuse
requests by law enforcement to track specific titles, and there are troubling historical precedents
surrounding law enforcement and libraries. In the 1970s, the FBI Library Awareness Program
4Proprietary tag formats may raise the cost of building unauthorized readers, but such minor barriers will in-
evitably be defeated. As always, security through obscurity is not a good defense.
routinely monitored the reading habits of “suspicious persons”; this was stopped only after public
outcry and the passage of library privacy laws in many jurisdictions. Under the USA PATRIOT act,
however, patron records may be accessed by order of the Foreign Intelligence Surveillance Court,
or via a National Security Letter, as well as by a regular court order[9].
3.2.3 Collision-Avoidance IDs
Even if RFID tags were upgraded to control access to bar codes using read passwords or some
other form of access control, many tags can still be identified uniquely by their radio behavior.
In particular, many tags use a globally unique and static collision ID as part of their collision-
avoidance protocol. This typically will allow unauthorized readers to determine the tag’s identity
merely through its collision-avoidance behavior. We give some concrete examples of this issue.
In ISO 18000-3 MODE 1 tags, the current draft of the standard specifies that each tag
will have a globally unique, 64-bit “MFR Tag ID.” Further, tags are mandated to support
an “Inventory” command that returns the MFR Tag ID as part of the response; no access
control is in place for this command. Thus, an attacker with a reader could learn the tag’s
identity simply by asking for it.
This ID is also used for the collision-avoidance protocol of MODE 1, which introduces a second
way that the tag’s identity can leak. The MODE 1 collision-avoidance protocol operates in
two modes: slotted or non-slotted. In non-slotted mode, the reader broadcasts a message
with a variable-length mask. All tags with least significant bits matching the mask respond,
while others remain silent. To learn a tag’s ID, an adversary need only make two mask queries
per bit and see to which one the tag responds. By extending the mask by one bit each time,
the adversary can learn a tag’s collision ID in 64 queries. Because in the MODE 1 collision-
avoidance protocol this ID is the same as the MFR Tag ID, this allows unique identification
of the tag. In the slotted verion of the MODE 1 protocol, time is divided into 16 slots based
on the most significant bits of the ID, and the process is similar.
EPC Class 1 13.56Mhz tags use their EPC identifier directly in a similar collision-avoidance
protocol [7].
ISO 18000-3 MODE 2 also specifies a 64-bit manufacturer ID. The ID is not used directly
for collision avoidance. The collision avoidance protocol requires the generation of random
numbers, however, and the standard specifies the use of “at least a 32-bit feedback shift
register or equivalent.” While it is not explicitly specified, we expect that each tag will have
a globally unique seed in practice. In particular, we note that 32 bits of the 64 bit manufacture
are defined to be a globally unique “specific identifier”; it would be natural to use this specific
identifier to seed a PRNG.
If a 32-bit LFSR is used, then tags can be uniquely identified. Specifically, if enough outputs
of the LFSR are observed due to observing the tag in the collision-avoidance protocol, the
entire state of the LFSR can be reconstructed using the Berlekamp-Massey algorithm and
run backwards to obtain the unique seed. In general, if a weak PRNG is used with the ISO
18000-3 MODE 2 protocol, tags can be identified.
In EPC 915Mhz tags, there are three different modes for “singulation” or collision avoidance,
one of which uses the globally unique Electronic Product Code (EPC) ID. The choice of
modes is controlled by the reader. An adversarial reader can simply ask the tag to use its
EPC ID; because there is no authentication of this command, the tag will obey.
As a consequence, any library system using one of these tags will be vulnerable to tracking and
hotlisting of books and patrons. The collision-avoidance behavior is hard-coded at such a low layer
of the tag that, no matter what higher layers do, privacy will be unachievable. This is unfortunate,
because it means that much of today’s RFID hardware is simply incompatible with privacy for
library patrons. It is also dangerous, as vendors and libraries may implement privacy-enhancing
methods that focus on tag data and then be unaware that tags are not in fact private.
3.2.4 Write Locks, Race Conditions, and Security Bit Denial of Service
In deployments with rewritable tags, some method must be used to prevent adversaries from writing
to the tag. Otherwise, an adversary can commit acts of vandalism such as erasing tag data,
switching two books’ RFID data, or changing the security status of tags with “security bits.”
Unfortunately, vandalism is a real threat to libraries, especially from people who feel certain books
should not be available; it would be naive to expect such people to ignore RFID-based vandalism
for long.
Unfortunately, several current specifications have write protection architectures that are prob-
lematic in the library application. The EPC 13.56Mhz tag specification, as well as ISO 18000-3
MODE 1, include a “write” and a “lock” command, but no “unlock” command. In addition,
write commands are not protected by password; this is consistent with a supply chain application
that writes a unique serial number to a tag, then never needs to re-write the number. While the
lock command is only an optional part of the ISO 18000-3 MODE 1 standard, it is supported by
many tags, including the Phillips ICode tags purchased by the National University of Singapore to
supplement its 3M library system [10]. In ISO 18000-3 MODE 2, locking is also irrevocable, but
protected by a 48-bit password.
Once locked, a piece of memory cannot be unlocked by any reader and so cannot be modified.
While this would prevent an adversary from changing the bar code, this architecture makes imple-
menting a security bit difficult. The page holding the security bit would need to be unlocked when
a book is checked in or out, or else the status of the bit could not be changed. At the same time,
nothing appears to prevent an adversary from changing the security bit to “not checked out” and
then locking that page of memory. The resulting tag is then unusable, as the memory cannot be
unlocked; physical replacement of the tag is required before the book can be checked out. We refer
to irrevocable locking of the security bit as a security bit denial of service.
In addition to the issues with implementing security bits, there is a privacy concern as well. If
there exists unlocked memory on the tag, an adversary can write its own globally unique identifier
and track tags based on this ID. This attack could bypass other mechanisms intended to prevent
tracking or hotlisting of tags, such as rewriting tag IDs as we discuss in Section 4.2.1. Therefore,
care should be taken to always lock all unused memory on writeable library RFID tags.
We note that TAGSYS C220 tags appear to avoid security bit denial of service by having a
special area of memory dedicated to the security bit built into the tag, separate from regular data
storage. We do not have details on how this bit is protected, but the data sheet suggests the use
of a 32-bit password [30]; we believe it has separate commands for lock and write as detailed next.
Checkpoint tags, in contrast, do not implement security bits, but rely on a database of checked-out
An alternative RFID architecture might implement separate “unlock,” “write,” and “lock”
commands, either on a per tag or per data page basis. Such an architecture is suggested by Weis
et al. in the context of “hash locks” [32]. Weis et al. note that session hijacking is possible in such
an architecture [32]. We further note that in such a system, it is possible for an active adversary
to bypass the write lock mechanism by racing a legitimate reader. After waiting for the legitimate
reader to unlock the tag, the adversary can then send write commands which will be accepted by
the tag.
In practice, tags may be left unlocked by accident if a tag is prematurely removed from a reader’s
field of control before the tag can be re-locked. We have anecdotal evidence that this occurs in
self-check stations when patrons place a large stack of books on the machine, but remove them
before all can be locked. In this case, the tag is vulnerable to malicious writes of all unlocked data.
If a security bit is unlocked, an adversary can cause false alarms for legitimately checked out books
or steal books from a library. If the item identifier is unlocked, the adversary may overwrite the
identifier, causing confusion and potentially a lost book.
In addition, several tag types support command sequences that force a tag to restart collision
avoidance protocols. In EPC Class 1 13.56MHz, the “Close Slot Sequence” command acts in this
way. In ISO 18000-3 MODE 1, one can send a “Stay Quiet” command followed by a “Select,” or a
“Reset To Ready.” For ISO 18000-3 MODE 2, an adversary could send a “Fully Muted” command
with the reader ID of the legitimate reader, which causes a tag to ignore all further traffic from that
reader. Then the adversary can begin collision avoidance with its own reader. Therefore we see
that RFID session hijacking is easy with today’s tags. If a unlock-write-lock architecture is overlaid
on these tags, special care must be taken that tags transition to the “locked” state on receipt of
any such commands.
3.2.5 Tag Password Management
The ISO 18000 standard and EPC specifications only allow for static passwords sent in the clear
from reader to tag. As noted, current deployments do not seem to use read passwords, but write
passwords are employed. There are two natural approaches to password management: (1) use a
single password per site; or, (2) endow each tag with its own unique password.
If a single password is used for all tags, then a compromise of any tag compromises the entire
system. In deployments that use writable security bits, the write password is used on every self-
checkout; in systems with read passwords, exit sensors must use the read password every time a book
leaves the library. In either case, passwords are available to a passive eavesdropper. Consequently,
eavesdropping on a single communication reveals the password used by every tag in the system,
a serious security failure. Once learned by a single adversary, a password can be posted on the
Internet. Then, anyone with a reader can mount the attacks we have discussed.
If different passwords per tag are used, then some mechanism is required to allow the reader to
determine which password should be used for which tag. Unfortunately, most obvious mechanisms
for doing so, such as having a tag send an index into a table of shared secrets to the reader, provide
tags with static, globally unique IDs. These globally unique IDs allow tracking and hotlisting of
tags, which would defeat the entire purpose of read access control. We need a mechanism for
reader and tag to authenticate each other without revealing the identity of the tag to adversaries.
In fact, it is not clear how to achieve efficient private shared secret authentication, even with PC-
class resources. Trying all passwords sequentially will take far too much time, since many libraries
have hundreds of thousands of books. Thus, privacy appears incompatible with prudent password
management. We will return to this question in Section 4.3.
4 Towards Private Library RFID Architectures
What can we do to improve the privacy properties of library RFID? We discuss can be done
with today’s tags, which may not have private collision avoidance. We then consider tags with
private collision avoidance, but otherwise similar to today’s tags. Finally, we the issue of “private
Tag Type Read PW Write PW DoS Priv. C.A. Priv. Auth.
Checkpoint WORM No n/a n/a Unknown No
Checkpoint writeable No Yes n/a Unknown No
TAGSYS C220 FOLIO No Yes (32 bits) Unknown Unknown No
ISO 15693/18000-3 MODE 1 No No (Lock) Yes No No
ISO 18000-3 MODE 2 Yes (48 bits) Yes (48 bits) YesNoNo
Figure 3: Summary of attacks. The fourth column indicates whether the tag type is vulnerable to
security bit denial of service; the fifth and sixth columns show whether the tag supports private
collision-avoidance and private authentication protocols. Note that all but the ISO 18000-3 MODE
2 tag lack access control and hence are vulnerable to straightforward hotlisting and tracking attacks.
ISO 18000-3 MODE 2 tags leak their identity through the collision-avoidance protocol (unless a
crypto-strength PRNG is used), and are vulnerable to security bit DoS attacks if the password is
authentication,” both on current generation tags and on future tags can support a pseudo-random
function (PRF).
4.1 Current Tags
Unfortunately, as we have shown, many types of current tags can be uniquely identified by their
collision-avoidance behavior. This identification is independent of any read access control on the
tag data. Consequently, it appears to be impossible to build privacy-preserving architectures for
library RFID on today’s tags.
4.2 Tags With Private Collision Avoidance
If we have a tag with private collision avoidance, then we have a hope for achieving a private library
RFID architecture. We now detail two specific proposals for enhancing privacy that do not require
one-way functions, hash functions, or other cryptographic primitives requiring many gates.
4.2.1 Random Transaction IDs on Rewritable Tags
Our first proposal is similar to the Anonymous ID scheme proposed by Ohkubo et al. [21]; we adapt
it to the library setting. On each check-out, the reader picks a new random number r, reads the
tag data D, and stores the pair (r, D) in a backend database. The RFID reader then erases D
from the tag and writes r. As a result, books possess different identifiers every time they leave the
library. On check-in, the library reader reads r, looks up the corresponding D, and writes Dback
to the tag. While tracking a book is still possible with this scheme, hotlisting is not. This scheme
also offers a measure of forward privacy if the database securely deletes rafter the book is checked
4.2.2 Improved Passwords Via Persistent State
One of the problems with simple passwords is that a passive eavesdropper can overhear the passs-
word. In the library RFID application, this is especially serious, as the exit sensors must read
every book leaving the library. It has been observed by several authors that the channel from tag
to reader is much harder to eavesdrop than the channel from reader to tag [32, 12]. With that in
mind, we propose a simple protocol for enhancing passwords in RFID tags. The main idea is for
the tag to send a random nonce to the reader; an adversary who misses the nonce cannot recover
the password from reader to tag communication alone.
Our protocol requires a random number generator, XOR gates, and the ability to keep state
during a single session. These assumptions appear to be realistic within today’s technology. Let s
be the shared secret password, and cmd the command to execute. Schematically, our protocol is:
Reader s∈ {0,1}nTag
cmd, p=rs
check that pr=s
This protocol is only intended to provide security against passive eavesdropping on the reader-to-
tag link; in particular, it does not provide security against man-in-the-middle attacks or attacks
that modify transmitted messages. If the adversary does not see the nonce value r, then (assuming
the tag picked the nonce uniformly at random) the secret sis information-theoretically secure.
Further, we note that an adversary cannot replay protocol messages, as the nonce required by the
tag changes each time. Finally, because the nonce ris independent of tag data or serial number, it
cannot be used to distinguish different tags.
4.3 Private Authentication
4.3.1 Motivation and Previous Work
As noted earlier (see §3.2), good security practice dictates that each tag have a distinct secret
key, raising the issue of how a reader knows which secret to use when presented with a new tag.
Trying each secret in turn will take too much communication to be feasible. At the same time,
most straightforward ways for accomplishing this goal provide unique identifiers for the tag, which
defeats the purpose of read access control in the library RFID setting. This is the symmetric-key
private authentication problem: how can two parties that share a secret authenticate each other
without revealing their identities to an adversary?
We refer to a private RFID authentication scheme by a triple of probabilistic polynomial time
algorithms (G, R, T ) (for Generator, Reader, and Tag). Let kbe a security parameter. The key
generator G(1k) is a randomized algorithm that outputs a reader secret key RK and a tag secret
key T K. Then the algorithms R(RK) and T(T K ) interact to perform authentication. We will
say a scheme is private if an adversary is unable to distinguish two different tags with different
secret keys, and secure if an adversary cannot fool a tag or reader into accepting when it does not
in fact know the secret key. We can investigate the privacy and security of such schemes against
several types of adversaries, such as the asymmetric eavesdropper discussed in Section 4.2.2, or
adversaries with limited ability to interact with a legitimate reader. It is even sensible to ask for
privacy against a man-in-the-middle adversary.
A key performance metric is how the amount of work performed by the reader scales with the
number of tags in the system. This is especially important in the library setting, where there may
be hundreds of thousands of items in a collection. There have been several proposals for private
authentication of RFID tags, but all require work linear in the number of tags, which will not scale.
Weis et al. suggest a randomized hash lock protocol for private authentication [32]. At setup
time, each tag is given a unique secret sand identification I D, and the reader has a database D
storing the list of pairs (s, I D). In their protocol, the tag sends a message consisting of (r, f s(r)ID)
to the reader, where sis a shared secret, fis a PRF, ris picked uniformly, and I D is the tag’s
unique identification. The reader then finds a pair (s, I D)Dthat is consistent with the tag’s
message, and the reader authenticates itself by sending back ID.
This scheme is neither private nor secure against passive eavesdroppers. In addition, there is
a further protocol attack: an adversary can query a tag and learn a valid pair (r, fs(r)I D),
which then allows the attacker to later impersonate that tag to a legitimate reader. The legitimate
reader’s response will identify the tag. This is a serious security flaw; it would allow hotlisting,
tracking, and other privacy abuses. In addition, the reader’s computational workload is linear in
the number of possible tags, when we use a separate key for each tag.
4.3.2 A Basic PRF Private Authentication Scheme
We propose a slight variant of the above scheme. Our scheme uses a PRF both to protect the
message from tag to reader and from reader to tag. The result is a private authentication scheme
with reader workload linear in the number of tags. The scheme works as follows:
Reader s∈ {0,1}nTag
r1R{0,1}nHELLO, r1
find (s, ID)Ds.t.
ID =σfs(0, r1, r2)
r2, σ=IDfs(0,r1,r2)
check that ID =τfs(1, r1, r2)
We refer to this basic PRF scheme as (Gbasic, Rbasic , Tbasic ).
4.3.3 Tree-Based Private Authentication
Let us say we have an upper bound Non the number of RFID tags we will need to support in
a system. Now given the existence of a subprotocol (G1, R1, T1) that is a private authentication
protocol with constant rounds, constant tag storage, and reader work linear in the number of tags,
we build a new tree-based private authentication protocol (Gtree , Rtree , Ttree ). The protocol has
reader work logarithmic in the number of tags, O(log n) rounds of interaction, and O(log n) tag
We consider the Ntags as leaves in a balanced binary tree, then associate each edge in the
tree with a secret. Each secret is generated uniformly and independently. The reader is assumed
to know all secrets. Each tag stores the dlg nesecrets corresponding to the path from the root to
the tag. The reader, when it wishes to authenticate itself to a tag, starts at the root and uses
R1to check whether the tag uses the “left” secret or the “right” secret. If the reader and the tag
successfully authenticate using one of these two secrets, the reader and tag continue to the next
level of the tree. If the reader fails to convince the tag on any level, the tag rejects the reader. If
the reader passes all secrets in the path, the tag accepts the reader.
This tree-based scheme requires dlg neinvocations of R1and T1with 2 secrets. Therefore the
total scheme requires O(log n) rounds of communication and O(log n) work for the reader. We
note that nothing restricts the tree-based scheme to binary trees; for instance, we can use larger
branching factors to trade off reader work against the number of rounds. In Appendix B we give
pseudocode for the tree-based scheme.
The main issue with our scheme is the number of rounds of communication. Ramzan and
Gentry have pointed out that it may be possible to perform all levels of the tree in parallel,
yielding a constant number of messages with length O(log n) [14]. We have not investigated the
privacy of the resulting parallel tree scheme. We could also generate the secrets using a PRF to
trade storage against on-line computation and effect of tag compromise.
We note that the tree-based scheme itself does not require a PRF. Instead, it works with
any underlying private authentication scheme. By using the enhanced password protocol of Section
4.2.2, we can achieve efficient private authentication even on tags without support for cryptographic
4.3.4 A Two-Phase Tree Scheme
As just described, the tree scheme uses a single fixed security parameter kfor all instances of R1
and T1, which therefore require communication cost at least kfor each of the dlog nerounds. The
tree scheme as a result requires O(klog n) communication. We now describe how we can create a
tree scheme with communication O(k+ log n) by splitting into two phases.
In the first phase, we run the tree scheme using R1and T1generated with a constant security
factor (that may depend on the level of the tree) to identify the tag. If the path from root to
tag is long compared to the security factors of the edges, the probability that either an adversary
identifies the tag or that a legitimate reader mis-identifies the tag will be low; we can tailor this
probability by trading off branching factor, N, and the phase-1 security parameter. In the second
phase, once the tag is identified, the reader and tag can execute R1and T1using kas the security
Reducing the communication in the first phase must affect only the soundness and not the
privacy of the scheme. For example, we could reduce the output of the PRFs in our basic scheme
to 2 bits (and truncate ID accordingly), but keep the size of the secret key unchanged.
For a concrete example, consider the basic PRF scheme, N= 220 and a two-level tree with
branching factor 210 = 1024. We give a tag three 64-bit secret keys: two for phase 1 and the final
key for phase 2. In both levels, we truncate the PRF output to 10 bits. We then expect to need
only one iteration of the first and one of the second level, for a total expected 2 ·210 = 211 PRF
evaluations for the reader and 4 PRF evaluations for the tag in phase 1, plus 2 each for phase 2.
Communication cost is then 10 + 10 + 64 = 84 bits of PRF output, plus the same amount for the
random nonces, for a total of 168 bits of communication. To fool a tag into accepting, the adversary
must pass both phase 1 and phase 2.
As before, following Ramzan and Gentry’s observation, we can run all levels of the tree scheme in
parallel and reduce rounds. Further, Ramzan notes that any authentication scheme with npossible
tags requires Ω(log n) communication cost, so we see our two-phase tree scheme is asymptotically
optimal [27].
5 Related Work
In the retail RFID space, the EPCGlobal suite of RFID specifications mandates that tags support
an irrevocable “kill” command. Once the kill command is activated, the tag is destroyed and
cannot be revived; it is envisioned that tags will be destroyed at point of sale. In the library
setting, however, tags must be re-used to check in loaned items. Irrevocably killing a tag is not an
Juels, Rivest, and Szydlo propose a device called a “blocker tag,” which has recently been
fabricated and demonstrated by RSA Data Security [20]. The blocker tag exploits the tree-walking
collision-avoidance protocol of 915Mhz EPC tags to “block” readers attempting to read tags of a
consumer. Because of bandwidth constraints, the 13.56Mhz tags used in library settings do not use
tree-walking, so their scheme is not applicable.
Unfortunately, in the library setting, RFID tags are used for security as well as item manage-
ment; use of a blocker tag would allow patrons to simply walk out of the library with whatever
books they like without checking them out, or may cause false alarms at exit gates. Similar is-
sues apply to physical methods of blocking RFID signals, such as the RFID-blocking book covers
suggested by Checkpoint Systems. In addition, blocking based approaches require the book to be
covered by the blocker at all times, or else the privacy benefit is lost.
Weis et al. focus on a broad range of security and privacy issues in the RFID space [32]. They
discuss the need for secure collision-avoidance protocols, focusing on the EPC tree-walking protocol.
Their protocol focuses on security against passive eavesdroppers who are assumed to hear the reader
to tag channel but not tag to reader communication. Their proposal, however, is modelled on the
915MHz EPC tree-walking protocol; a new protocol must be designed for 13.56MHz tags.
Weis et al. also introduce randomized hash locks. Unfortunately, it is not clear whether today’s
library RFID tags can support a hash function. Even if a hash function could be supported, as
discussed in Section 4.3, the scheme requires reader computation linear in the number of secrets.
Abadi and Fournet describe the problem of private authentication [2]. We differ in that we
work in the symmetric-key model, since public-key cryptography is out of reach for RFID tags.
In addition, their protocols also have linear work in the number of entities, while we achieve
logarithmic work. We note that the anonymous mode of IKE also achieves private authentication
with public-key cryptography[16].
Ohkubo, Suzuki, and Kinoshita proposed a method of changing RFID identities on each read
based on hash chains [26]. Their method also requires a hash function on the RFID tag, but does
not require a random number generator. Again, it is not clear that today’s library RFID tags can
support a hash function, and reader work linear in the number of tags is required to recognize an
Ohkubo et al. suggest an “anonymous ID” scheme, in which tags contain only a random number
that is periodically rewritten [21]. Their scheme appears similar to the scheme suggested in Section
Juels suggests the use of one-time authenticators or “pseudonyms” for RFID tags [19]. These
authenticators are refreshed by legitimate readers; an adversary is assumed not to be able to query
a single tag too many times in a row. His schemes also use only XOR and stored tag values, but
are only private for a fixed number of reads before refresh is necessary.Juels suggests “pseudonym
throttling” to prevent quick exhaustion of authenticators. He also specifically suggests a variant
scheme for library applications that gives tags a single authenticator for each checkout and prevents
hotlisting but not tracking; in this respect, the proposal is similar to the “anonymous ID” scheme.
Inoue and Yasuura suggested having two data banks on an RFID [17]. One databank is public,
read-only, and contains a well-known number, such as a bar code in the library setting. The other
is private, writable, and intended for use while an item is in control of a consumer to enable post
point of sale applications. The authors recognize that switching between the two data banks must
be secured, but leave the exact security mechanism as future work; therefore the scheme cannot be
used as is.
Several activist groups have raised the issue of patron privacy for library RFID. The Electronic
Frontier Foundation wrote a letter to the San Francisco Public Library raising several important
policy questions surrounding library RFID; unfortunately, the letter also advocates killing RFID
tags, which is not practical in the library setting [31]. A general “RFID Bill of Rights” was
proposed by Garfinkel [13]; it proposes a right to notice that RFIDs are in use and a right to RFID
Some vendors also have literature addressing the issue of library RFID and patron privacy.
The 3M “eTattler” newsletter claims that the proprietary nature of 3M RFID tags and the low
read range make privacy less of a concern [1]. The VTLS white paper on patron privacy cites low
read range and also mentions that “encryption” can be used to protect tag data [4]. While library
RFID read ranges may be low, they are still enough to provide for reading in doorways or other
close spaces from vendor standard readers; adversaries willing to break the law and build more
powerful readers may achieve greater range. Past experience also teaches us that it is dangerous to
rely solely on security through obscurity and proprietary protocols. Finally, while we agree better
access control is warranted in library RFID, it is hard to tell from the VTLS white paper what
exactly is meant by “encryption.”
Finally, the Berkeley Public Library has put together a series of “best practices” for library
RFID [23]. These practices include limiting the data on the tag to a bar code only and prohibiting
patrons from searching the bibliographic database by bar code. The Berkeley Public Library, as well
as San Francisco Public Library, have also released statements encouraging library RFID vendors
to produce better access control mechanisms. We have shown that privacy risks still exist even
when data is limited to a bar code and the adversary does not have access to the bibliographic
database, although in light of our results, the Berkeley practices seem to be the best possible with
today’s tags. While we heartily agree with encouraging RFID vendors to produce better access
control, we are not there yet.
6 Conclusions
Current library RFID tags do not prevent unauthorized reading of tag data. Therefore, information
such as title, author, shelf location, patron information, or last checkin/checkout time should in no
circumstance be stored on library RFID tags. Further, such information is not needed; a pointer to
a database is sufficient for all current and envisioned applications of library RFID tags, including
collection management and item sorting.
At the same time, both tracking and hotlisting are possible whenever a static identifier is used.
Therefore, if a static identifier is in place on the RFID tag, it is imperative to prevent unauthorized
tag reads. We stress that static identifiers may include collision IDs that are not protected by
access control mechanisms intended to protect tag data. To avoid tracking tags by collision ID,
some mechanism for private collision avoidance must be used, as described in Section 3.2.
Would our library RFID security and privacy problems go away if tags advanced to the point
where hash functions and symmetric encryption on tags became feasible? Our results on identifica-
tion via collision avoidance, private authentication, and write locks show the answer is no. Careful
design of the entire system is required to support privacy-enabled RFID applications.
What is more, libraries want RFID now. Over 130 libraries in North America alone have
installed RFID technology, and more are considering it. The American Library Association will
meet in Summer 2004 to discuss best practices for the library use of RFID; once these are finished,
we can expect the adoption rate among libraries to rise. Waiting for next generation tags that
support cryptography may not be acceptable, especially at increased cost. Tag vendors, in addition,
may be unwilling to introduce special modifications for what is a comparatively small market.
Even so, we have given specific proposals for improving privacy in current-generation RFID
tags. Unfortunately, such changes will require time, effort, and money, and no current library
RFID system supports them. There will be a substantial cost for privacy and security in the
library RFID setting.
Is the cost of privacy and security “worth it?” Put another way, should a library refuse to
buy RFID until systems are available that resist these attacks? We cannot dictate answers to this
question. What we have done, instead, is provide the means for libraries and their communities to
make an informed decision, and the technical options to improve future library RFID systems.
7 Acknowledgements
Our research is based on discussions with vendors and colleagues, review of available materials,
visits to library sites, and the result of working with several library systems. In no particular order,
we are thankful to the following individuals and organizations:
Peter Warfield, Karen Duffy (Santa Clara City Library), Karen Saunders (Santa Clara City
Library), Susan Hildreth (San Francisco Public Library), Al Skinner (Checkpoint), Paul Simon
(Checkpoint), Doug Karp(Checkpoint), Rebekah E. Anderson (3M), Jackie Griffin (Berkeley Public
Library), Elena Engel (BPL), Alicia Abramson(BPL) Lee Tien (Electronic Frontier Foundation),
Dan Moniz (EFF), Laura Quliter (Boalt Hall School of Law, UC-Berkeley), Jennifer Urban (Boalt),
Nathaniel Good (SIMS), Samuelson Technology and Policy Law Clinic at Boalt Hall School of
Law, Elizabeth Miles (Boalt), John Han (SIMS), Ross Stapleton-Gray, Eric Ipsen, Oleg Boyarsky
(Library Automation/FlashScan), Laura Smart (Library RFID Weblog/Cal State Pomona), Craig
K. Harmon (ISO 18000 committee), Justin Chen (SVCWireless RFID SIG), Steve Halliday(ISO
18000 committee), Zulfikar Ramzan (NTT DoCoMo), Craig Gentry (NTT DoCoMo), Hoeteck Wee,
Matt Piotrowski, Jayanth Kumar Kannan, Kris Hildrum, David Schultz, and Rupert Scammell.
[1] 3M. eTattler newsletter, January 2004.
[2] Martin Abadi and Cedric Fournet. Hiding names: Private authentication in the applied pi cal-
culus. In Software Security – Theories and Systems. Mext-NSF-JSPS International Symposium
(ISSS’02), pages 317–338. Springer-Verlag, 2003.
[3] Richard Boss. Library RFID technology. Library Technology Reports, Nov/Dec 2003.
[4] Vinod Chachra and Daniel McPherson. Personal privacy and use of RFID technology in
libraries, October 2003.
[5] EPCGlobal Consortium. EPC 868-915Mhz tag Class 1 candidate recommendation, 2004.
[6] EPCGlobal Consortium. EPC 900Mhz tag Class 0 standard, 2004. http://www.
[7] EPCGlobal Consortium. Epc ism band 13.56mhz class 1 candidate recommendation, 2004.
[8] FBI Counterterrorism Division. FBI intelligence memo no. 102, December 2002. http://
[9] Charles Doyle. Libraries and the USA PATRIOT act, 2003.
[10] Phillips Electronics. ICode SLI data sheet, 2004.
[11] Klaus Finkenzeller. RFID Handbook. John Wiley and Sons, 2003.
[12] Kenneth Fishkin and Sumit Roy. Enhancing RFID privacy through antenna energy analysis. In
MIT RFID Privacy Workshop, 2003.
[13] Simson Garfinkel. Adapting fair information practices to low cost RFID systems. In Privacy
in Ubiquitous Computing Workshop, 2002.
[14] Craig Gentry and Zulfikar Ramzan. Personal communication, 2004.
[15] Carol Glatz. Vatican library begins using computer chips to identify volumes, 2004. http:
[16] D. Harkins and D. Carrel. Internet key exchange rfc 2409, 1998.
[17] Sozo Inoue and Hiroto Yasuura. RFID privacy using user-controllable uniqueness. In RFID
Privacy Workshop, MIT, 2003.
[18] ISO/IEC JTC 1/SC 31/WG 4. Information technology AIDC techniques - RFID for item
management - Air interface, - Part 3: - Parameters for air interface communications at 13.56
MHz, April 2004. Version N681R.
[19] Ari Juels. Minimalist cryptography for RFID tags, 2003.
[20] Ari Juels, Ronald L. Rivest, and Michael Szydlo. The blocker tag: selective blocking of RFID
tags for consumer privacy. In Proceedings of the 10th ACM conference on Computer and
communication security, pages 103–111. ACM Press, 2003.
[21] Shingo Kinosita, Fumitaka Hoshino, Tomoyuki Komuro, Akiko Fujimura, and Miyako
Ohkubo. Non-identifiable anonymous-ID scheme for RFID privacy protection, 2003. In
Japanese. See English description as part of
[22] Libramation. Overview of library RFID products, 2004.
[23] Berkeley Public Library. Best practices for library RFID, 2004. http://
[24] San Francisco Public Library. Checkout time-motion study, 2004. Presented to SFPL Board
of Supervisors, April 4.
[25] Gordon E. Moore. Cramming more components onto integrated circuits. Electronics, 38(8),
April 1965.
[26] Miyako Ohkubo, Koutarou Suzuki, and Shingo Kinoshita. Cryptographic approach to a privacy
friendly tag. In RFID Privacy Workshop, MIT, 2003.
[27] Zulfikar Ramzan. Personal communication, 2004.
[28] Mark Reynolds. Physics of RFID. In MIT RFID Privacy Workshop, 2003. http://www.
[29] Checkpoint Systems. ILS exit sensor data sheet, 2004. http://www.checkpointsystems.
[30] TAGSYS. C220 data sheet, 2004.
[31] Lee Tien. Privacy risks of radio frequency identification “tagging” of library books, October
[32] Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest, and Daniel W. Engels. Security and
Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In Security in Pervasive
Computing, volume 2802 of Lecture Notes in Computer Science, pages 201–212, 2004.
[33] Jimmy Yap. Are we ready for radio?, 2004.
A Why Libraries Want RFID
RFID technology promises several important benefits for libraries. The major motivating factors
may change from library to library, but several common themes have emerged.
First, RFID may reduce the incidence of repetitive stress injuries (RSI). A study at the San
Francisco Public Library found that circulation desk work involves several motions likely to cause
injury [24]. More importantly, library employees may face permanent disability from RSI injuries;
at least one Berkeley Public library employee has been forced to retire permanently due to a RSI-
related disability. While formal studies on the RSI benefit of RFID are not yet available, vendors
claim significant reductions in the number of motions required for checkout.
Second, RFID promises to streamline mechanisms for patron self-check, allowing patrons to
check out items without the help of library staff. Self-check machines that work with library
magnetic strip security systems can only check out one book at a time. An RFID-based approach
can, in theory, read and check out a stack of books placed on a self-check machine without the
patron needing to handle each book individually. Several vendors also suggest the use of RFID-
enabled patron cards, which offer the promise of completely hands-free checkout. In addition,
magnetic strip security systems cannot be used with magnetic media such as VHS tapes.
Third, librarians hope to make inventory management easier by using RFID tags. Hand-held
RFID readers promise the ability to sweep a shelf once and obtain a list of all books on the shelf.
Ease of inventory was one of the major considerations cited by the Vatican library [15]; because the
library does not allow persons (except for the Pope) to check out materials , item checkout is not a
concern. The Singapore national public library credits their RFID system with reducing inventory
time from a week to hours [33].
Finally, RFID acts as an enabler for automatic sorting on book check-in. Sorting systems, such
as those from TechLogic or FlashScan, can read a bar code from the RFID and look up the shelf
location from the bibliographic database. The book can then be sorted into a cart directed at the
appropriate location.
We note that the exact extent of benefits from RFID is still being worked out. We stress that
we do not attempt to evaluate all aspects of library RFID, only the privacy and security risks. At
the same time, we believe it is important to understand the reasons why librarians may want this
B Pseudocode for Tree Scheme
Given a private authentication scheme (G1, R1, T1), we construct a new scheme as follows:
Algorithm B.1: Gtree (1k, N )
Fix `log N
for i= 1 to `
for j= 0 to 1
si,j G1(1k)
for h= 1 to N
Parse hin binary as (b1,...,b`)
T Kh(s1,b1,...s`,b`)
RK (si,j )
Output RK,T K1,...,TKN.
Algorithm B.2: (Rtree , Ttree ) (R K, T K)
Fix `log N
Parse RK as (ui,j )
Parse T K as (v1,...,v`)
for i= 0 to `
succeed false
for j= 0 to 1
succeed succeed (R1(ui,j ), T1(vi))
if ¬succeed
then fail and output 0
accept and output 1
C Further Practical Library Concerns
Stealing Books With Aluminum Foil
Because detecting the RFID tag on exit is the primary security mechanism, blocking the tag signal
allows an adversary to steal the book undetected. A blocked tag will pass by the exit sensors in
a library without triggering any alarm. While a blocker tag could be used for this purpose, it
would be easier and cheaper to use materials such as aluminum foil or mylar, which can absorb or
diffuse an RFID signal [28]. As Boss notes, in a library with RFID, carrying common aluminum
foil becomes evidence of intent to steal books [3]. We are certainly not the first to notice this
issue in library RFID, and the severity of this risk is limited—tag security is primarily intended
to keep honest people honest, not as a foolproof theft-prevention mechanism—but we note it for
No Forward Privacy
Current architectures for library RFID do not have forward privacy. If the adversary collects a
database of tag readings and later obtains the bibliographic database, then all the title and author
information of those readings is revealed. The adversary then learns everything about the reading
habits of the people observed. The database could be revealed via a search warrant, but also by
network intrusion, computer misconfiguration, throwing out backup tapes accidentally, or the work
of an insider.
... All the expansion and diversification in Internet-related services are generating new security and privacy challenges [192]. For this reason, the most common issues, practices, and architectures are listed, to mitigate frequent privacy and security issues [193]. "Strong privacy" has been defined, and the definition has been applied to reveal vulner-abilities in proposed privacy-enhancing RFID protocols [194]. ...
... We also found RFID to be applied in supply chains [72,73], providing ways to detect counterfeiting [91,92] and keep track of any asset [90,123,[127][128][129]. The most active security topics appear to be testing the existing protocols to search for flaws, ways to solve them [93,94,173,177,178,196,198], and balancing privacy and performance for different scenarios [192,193,196,198,199]. It was found that privacy and security are of general concern, almost in all applications. ...
Full-text available
Radio frequency identification (RFID) is widely used in several contexts, such as logistics, supply chains, asset tracking, and health, among others, therefore drawing the attention of many researchers. This paper presents a review of the most cited topics regarding RFID focused on applications, security, and privacy. A total of 62,685 records were downloaded from the Web of Science (WoS) and Scopus core databases and processed, reconciling the datasets to remove duplicates, resulting in 40,677 unique elements. Fundamental indicators were extracted and are presented, such as the citation number, average growth rate, and average number of documents per year. We extracted the top topics and reviewed the relevant indicators using a free Python tool, ScientoPy. The results are discussed in the following sections: the first is the Applications Section, whose subsections are the Internet of Things (IoT), Supply Chain Management, Localization, Traceability, Logistics, Ubiquitous Computing, Healthcare, and Access Control; the second is the Security and Privacy section, whose subsections are Authentication, Privacy, and Ownership Transfer; finally, we present the Discussion section. This paper intends to provide the reader with a global view of the current status of trending RFID topics and present different analyses from different perspectives depending on motivations or background.
... Mutilation of library materials is a global phenomenon that must be properly check to prolong the span of the library materials (Salman et al., 2017). In fact, a high incidence of mutilation practices have been reported in many libraries for more than two decades ago (Lorenzen, 1996; (Wagner, 2004;Ukachi et al., 2015). Mutilation of library materials may come in many ways including underlining and highlighting of books and other materials, Undergraduates' perception of the influence of book mutilation and defacing on library use in the Federal University Library, Oye-Ekiti: Jacob Kehinde Opele, Abiodun Ayodele Osunrinde and Naheemat Tolulope Awwal Journal of Library Services and Technologies, Volume 3 Number 2, 2021 bending of book spine, using wet fingers to turn book pages, marking or shading book pages with pencil, or pen, tearing book pages, tearing and or removing some pages of the books and tampering with the editorial comment of the information materials (Referowska-chodak, 2019;Teoh & Tan, 2011). ...
Full-text available
Mutilation of library materials is a global phenomenon that must be properly checked to prolong the span of the library materials. This study examined undergraduates' perception of the influence of book mutilation and defacing on library use in the Federal University, Oye-Ekiti (FUOYE) Library. This study employed the descriptive survey design. The study population comprised all registered undergraduates' library users at the FUOYE Library who were willing to participate in the study. In all, three hundred and thirty eight (338) students participated in the study. The main instrument for data collection was a structured questionnaire, which was subjected to validity and reliability tests. The data collected for the study were analysed using the relative importance index (RII), while simple regression analysis was used to test the formulated hypothesis. Findings from the study indicated a strong relationship (AdjustedR 2 = 0.309, F= 150.1, p<.05) between book mutilation, defacing and library use among undergraduates in the Federal University Library, Oye-Ekiti. The findings further revealed that the undergraduates have a high-level of perception on the influence of book mutilation and defacing. The study concluded that more still need to be done in the areas of security of the library materials to forestall the ugly trend of theft, mutilation and defacing in the university Library.
... there will be a beep if people approach within 1.5 meters. [15] 2) Emergency Warning Signal: The actual situation is whenever there is an emergency situation, there is a central alarm indication system, however sometimes it may be possible that it is not guaranteed that the message will be delivered to everyone, so the idea is to provide each one with a dedicated warning indication on the i cards to ensure that everyone receives an alarm indication. ...
Full-text available
This proposed invention is related with multipurpose device which is intelligent id card provided to the employee will help track and trace by connecting to the respective corporate server network. This server acts as a central intelligence and provides a dashboard that will help set up and get data and insights. These constantly monitor the smart cards and transmit their position to the central system. Many important multi-tasking tasks can be performed using this smart ID card which has the ability to provide real-time location information and also automatically identify if the person is where they should be. Accidents, such as a person walking into a danger zone, can be easily reported. In the event of a fire, you can quickly find the total people count along with the latest positions. The crowding of places such as offices, shops, workplaces, bathrooms, canteens, etc. it can be reported in real-time in order to avoid any infections. The temperature measurement alone is useless if the readings are not associated with the employee and are recorded to analyses trends. The proposed ID card will keep track of the number of times the employee has washed their hands. If not, a social notification will be raised. With real-time monitoring, you can easily provide daily attendance data to HR for payroll calculation and contract work invoice review. The employee's Bluetooth tag will help track time spent within the authorized area and will sound an alarm if the person enters a danger zone, all in real-time. The employee tag will allow the employee to send an SOS signal in case of any danger or panic situation. It will not be necessary to keep an attendance register. The tag will automatically record the time of entry and exit. A body sensor attached to the ID card will detect if the card is moved away from the body and kept aside. Hence, there is no possibility of cheating. The battery inside the card would last 5 to 10 years. IP 65, therefore resistant to water and rain. No maintenance is required.
... • Authentication: it is a process through which an object demonstrates its claimed identity to another communication party, providing some evidence such as what it knows, what it has, or what it is. [9] stated a basic PRF private authentication scheme for mutual authentication between tags and readers. This protocol uses a shared secret and a Pseudo-Random Function (PRF) to protect the messages exchanged between the tag and the reader. ...
Full-text available
Radio Frequency Identification (RFID) systems are among the most widespread computing technologies with technical potential and profitable opportunities in numerous applications worldwide. Further, RFID is the core technology behind the Internet of Things (IoT), which can accomplish the real-time transmission of information between objects without manual operation. However, RFID security has been taken for granted for several years, causing multiple vulnerabilities that can even damage human functionalities. The latest ISO/IEC 18000-63:2015 standard concerning RFID dates to 2015, and much freedom has been given to manufacturers responsible for making their devices secure. The lack of a substantial standard for devices that implement RFID technology creates many vulnerabilities that expose end-users to elevated risk. Hence, this paper gives the reader a clear overview of the technology, and it analyzes 23 well-known RFID attacks such as Reverse Engineering, Buffer Overflow, Eavesdropping, and Malware. Moreover, given the exceptional capabilities and utilities of RFID devices, this paper has focused on security measures and defenses for protecting them, such as Active Jamming, Shielding tag, and Authentication.
... In terms of the Internet of Things we still need to work on (a) Standards, (b) Mobility Support, (c) Naming and Identity Management (Assigning an IPv6 address to each element), (d) Object safety, (e) Transport Protocol, (f) Traffic Characterization and QoS Support, (g) Authentication, (h) Data Integrity, (i) Information Privacy, and (j) greening of IoT [8] [9]. Some agencies which are working as the key development force for IoT are Microsoft's Eye-on-Earth platform, Cluster of European Research Project on the IoT, The Internet of Thing Architecture (IoTA), IoT@work, IoT-initiative (IoT-i), European Research Cluster on the IoT, and many more [10]. These agencies are working continuously to convert the cryptographic algorithms into their lightweight version. ...
Full-text available
We need a secure environment in order to communicate without any information leakage. From large devices having UPS to small devices having a battery, the parameter about security changes over time. We need to work in three basics of security: (1) Mutual authentication between devices, (2) Strong encryption methodology for transmission, and (3) Secure storage environment with anytime availability. The IoT enabled devices demands a lightweight secure environment. In this paper, we are concerning only about the second point, i.e. Strong encryption methodology for transmission. We will study some of the methods related to lightweight cryptography; will talk about different issues in the field of secure transmission; and will try to find out some research gap with a possible countermeasure.
Full-text available
Kişisel kurumsal ve ulusal değer varlıklarından olan bilginin korunması, kişisel güvenlik, kurum işleyişi ve ulusal güvenlik açısından önemlidir. Bilgi güvenliğinin sağlanmasında birçok önlem alınmasına rağmen, yine de istenilen düzeyde bir koruma sağlanmamaktadır. Son yıllarda, Nesnelerin İnterneti (IoT) hayatımızın birçok alanına girmiş ve bundan dolayı her alanda bu teknoloji için gerekli bilgi güvenliği tedbirlerin alınması ihtiyacı ortaya çıkmıştır. Bu çalışmanın amacı, nesnelerin internetini kişisel, kurumsal ve ulusal bilgi güvenliği açısından irdelemek, bu sistemlere karşı yapılabilecek saldırıları araştırmak, incelemek ve alınabilecek önlemler konusunda önerilerde bulunmaktır. Çalışma kapsamında nesnelerin interneti kişisel, kurumsal ve ulusal bilgi güvenliği çerçevesinde ele alınmış, nesnelerin internetinin bileşenleri, güvenlik mimarisi, bu sistemlere karşı yapılabilecek güvenlik tehditleri ve alınabilecek önlemlere yer verilmiştir. Sonuç olarak, bu araştırma sonucunda sunulan önerilerin IoT güvenliğine ve dolayısıyla sistem güvenliğine katkı sağlayacağı değerlendirilmektedir.
This chapter introduces some typical security threats in RFID systems, including RFID tag cloning, RFID tag tracking, and relay attacks. Tag cloning may cause spoofing attacks, tag tracing violates the location privacy of the thing/person that the traced tag is attached to, and relay attack can link a genuine RFID tag to an authorized reader, even though the tag may be physically far away from the reader.
The advent of massive technological paradigm shift to subsequent interest in augmented reality (AR) paved the way for designers to design, develop and deploy new use cases of AR in the service industry. In this paper, we investigate the use of augmented reality as an option for providing entry into secured buildings by comparing it against the traditional radio frequency identification devices cards. 51 participants from various backgrounds were recruited to enter a secured building using an AR-based app and an RFID card. The results stipulate that AR-based app had a greater acceptance among participants in terms of security and ease of use. 40 participants thought AR-based app is more secure than RFID cards and 34 participants felt the application was easier to use compared to RFID cards. 32 participants indicated that they would prefer to use the AR-based on daily basis. The result only came short in favor of RFID-based systems in terms of faster access with a margin of 3 persons where RFID systems outperformed AR-Based systems. The results indicate that the system is a suitable option but further research is needed to deploy the research in real-world settings.
Radio frequency identification (RFID) is becoming one of the best optimistic technology in the area of ubiquitous computing that plays the most crucial role in object identification as a ubiquitous infrastructure. Indeed, an important role of RFID technology is to provide wireless communication between the RFID tags and readers without line-of-sight (LoS) readability. The tags store the sensitive information of an object or thing in RFID systems. The reader reads and writes data, while the backend server stores the information sent by the readers through radio frequency signals. Moreover, the reader collects data from the distinct tags and broadcasts them, and then sends it to the server for further processing. However, security and privacy is a key concern in RFID systems, where an adversary may perform several types of security attacks. To overcome such issues, we have proposed a novel vector-space-based lightweight RFID authentication protocol which integrates the concept of vector space, basis, and linear mapping in this paper that achieves secure authentication. The security analysis has been done that demonstrates the proposed protocol provides resistance to various known attacks. The performance analysis shows the less computation cost associated with the tags, less storage, and communication overhead as well. The proposed protocol provides higher security with lesser cost and shows suitability for low-cost RFID systems.
Full-text available
Within the coming years, low cost radio frequency identification (RFID) systems are expected to become commonplace throughout the business-to-business and business-to-consumer marketplace. Much of the work to date on these systems pertains to systems engineering and electronic product code issues. This paper discusses ways to ensure personal privacy, and presents policies and technologies that could limit abuse.
Conference Paper
Full-text available
We propose the use of "selective blocking" by "blocker tags" as a way of protecting consumers from unwanted scanning of RFID tags attached to items they may be carrying or wearing.While an ordinary RFID tag is a simple, cheap (e.g. five-cent) passive device intended as an "electronic bar-code" for use in supply-chain management, a blocker tag is a cheap passive RFID device that can simulate many ordinary RFID tags simultaneously. When carried by a consumer, a blocker tag thus "blocks" RFID readers. It can do so universally by simulating all possible RFID tags. Or a blocker tag can block selectively by simulating only selected subsets of ID codes, such as those by a particular manufacturer, or those in a designated "privacy zone.We believe that this approach, when used with appropriate care, provides a very attractive alternative for addressing privacy concerns raised by the potential (and likely) widespread use of RFID tags in consumer products.We also discuss possible abuses arising from blocker tags, and means for detecting and dealing with them.
Full-text available
RFID Privacy Workshop, Nov. 2003. In this paper, we propose two approaches to protect privacy in the ‘Digitally Named World’, which is the environment in which ‘radio frequency ID’s (RFIDs) are attached to any objects in the world, and any objects in the real world can be found by the readers of the RFID’s and the networked database system. One is the approach to conceal the permanent ID under a private ID that users give. The other approach is to assign partial ID sequence to a object, and the rest is given by user assignable RFID tags. These approaches both attempt to give users the controllability of the uniqueness of IDs from local to global, thereby enabling IDs private or public ones in the required state of the object’s life cycle.
Full-text available
Radio frequency identification (RFID) is expected to become an important and ubiquitous infrastructure technology. As RFID tags are a#xed to everyday items, they may be used to support various useful services. However, widespread deployment of RFID tags may create new threats to user privacy, due to the powerful tracking capability of the tags.
Conference Paper
We present the analysis of a protocol for private authentication in the applied pi calculus. We treat authenticity and secrecy properties of the protocol. Although such properties are fairly standard, their formulation in the applied pi calculus makes an original use of process equivalences. In addition, we treat identity-protection properties, which are a delicate concern in several recent protocol designs.