Aug 12, 2005This article was originally published by RFID Update.
August 12, 2005—The RFiD Society has published a short paper about a newly proposed approach to RFID privacy and security. It is an authentication technique called "zero knowledge proofs" that can purportedly balance the commercial benefits of RFID in the supply chain with the privacy concerns of consumers. Stephan Engberg is the leading proponent of the patented approach, and he has founded RFIDSec in an effort to commercialize it with the ZEROLEAK product line.
In essence, zero knowledge proof allows the interrogator of a tag -- i.e., the RFID reader device -- to verify its identity in a way that does not compromise any of the tag's data. (The paper linked below includes a detailed description of the concept.) Once the reader has "proven" its identity through a series of authentication commands, it is able to read the contents of the tag. The system is dual mode. While the tag is traveling through the supply chain, it is in "EPC mode" and offers all the track-and-trace functionality expected of RFID technology to enhance the supply chain. Upon checkout, the tag is switched to "privacy mode," at which point it is either totally disabled ("killed") or configured to share its identity for the purposes of subsequent warranty servicing and recalls.
There are a number of ways the paper asserts that the zero knowledge proof security methodology is complimentary to that employed by EPC:
- It can only ever expose identity information, that is, information related to the authentication between tag and reader.
- It only requires a closed, local computer system to run. The EPC approach, by contrast, requires the full EPCglobal Network infrastructure, including the ONS and EPC discovery services.
- The EPC system makes available an index of information stored on each tag, and "there is no control over the amount of information that might be made available through that index." Zero knowledge makes a point to avoid sharing extraneous information.
- Lastly, zero knowledge allows for some flexibility in the strength of authentication. Such flexibility allows an application designer to configure a system to be either more or less secure, depending on the needs of the application.
These supposed superior qualities of zero knowledge do not imply that it should be used in favor of EPC. On the contrary, the paper explicitly states that "the proposed solution is to use RFID chips that combine the strengths of ... both EPC and zero knowledge." In so doing, supply chain benefits, theft prevention, anti-tag counterfeiting, and consumer privacy protections are all achieved.
Without more data on zero knowledge, it is hard to know how well it can live up to the claims. But one thing is for sure: the more resources that are devoted to balancing supply chain benefits with consumer privacy and security, the better for everyone involved.
Read the full paper
