[IP] A Secure RFID System

To: ip@xxxxxxxxxxxxxx
Subject: [IP] A Secure RFID System
From: David Farber <dave@xxxxxxxxxx>
Date: Thu, 24 Aug 2006 14:48:14 -0400
List-help: <http://v2.listbox.com/doc/help_sub?list_name=ip@v2.listbox.com>
List-id: <ip@xxxxxxxxxxxxxx>
List-software: listbox.com v2.0
List-subscribe: <mailto:subscribe-ip@v2.listbox.com>, <http://v2.listbox.com/subscribe/?listname=ip@v2.listbox.com>
List-unsubscribe: <mailto:unsubscribe-ip@v2.listbox.com>, <http://v2.listbox.com/member/unsubscribe/?listname=ip@v2.listbox.com>
References: <a06210206c1135a8b8dac@[128.240.148.85]>
Reply-to: dave@xxxxxxxxxx



Begin forwarded message:

From: Brian Randell <Brian.Randell@xxxxxxxxx>
Date: August 24, 2006 9:46:28 AM EDT
To: dave@xxxxxxxxxx
Subject: A Secure RFID System

Dave:

I don't know whether you will regard this review of RFIDsec asappropriate for IP, but I personally am highly intrigued by thedevice's capabilities with respect to the security and trust problemsof ordinary RFID chips. I know the developer, Stephan Engberg, havingserved on a committee with him during the last few years, but have nolinks of any form to his company.


Cheers

Brian

----

From RFID Society Newsletter, July 2006:

RFIDsec product review/analysis

The Danish company RFIDsec recently announced their first commerciallaunch ofa secure RFID system, aptly called "RFIDsec". The system consists ofa tagcontaining a chip with encryption functionalities, and a protocolcalled "RFIDsecsecure protocol" (RSP). The concepts behind this product wereresearched byPriway, founded by Stephan Engberg. Recent online publicationsfollowing the product launch have missed some crucial

features of the product.
...

So here is what the product is all about: transfer of control to theowner of the tag - when a consumer buys a taggedproduct, then full control of the tag can be transferred to her atthe POS andfrom that point on it is up to him to decide who is granted access to(the dataon) the chip multimodality; the tag can operate in various modes,suited to the needs ofthe environment of use in the relevant phase of the lifecycle of ataggedproduct. Therefore, the tag can provide security and control andtrust in bothB2B and B2C environments. robust security; through encryption, one-step authentication, and a specificprotocol for communications with reader devices. The owner of the tagcanrely on the security mechanism to protect the data on the chipagainst any

unauthorised access or use.
...

When we arrive at a final evaluation of the RFIDsec product, we knowof no othercommercially available product that really has the potential to solvethe key issue

of consumer trust in RFID.

Full version at:
http://dexus.amaze.nl/~rfidweblog/docs/Newsletters/July2006v2.pdf
--
School of Computing Science, Newcastle University, Newcastle upon Tyne,
NE1 7RU, UK
EMAIL = Brian.Randell@xxxxxxxxx   PHONE = +44 191 222 7923
FAX = +44 191 222 8232  URL = http://www.cs.ncl.ac.uk/~brian.randell/


-------------------------------------
You are subscribed as roessler@xxxxxxxxxxxxxxxxxx
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

Prev by Date: [IP] EFF Sues Barney the Dinosaur to Defend Online Free Speech
Next by Date: [IP] We now have 12 planets... give or take...
Previous by thread: [IP] EFF Sues Barney the Dinosaur to Defend Online Free Speech
Next by thread: [IP] We now have 12 planets... give or take...
Index(es):
- Date
- Thread