|Home||Internet of Things||Aerospace||Apparel||Energy||Defense||Health Care||Logistics||Manufacturing||Retail|
Security System to Balance Privacy and Supply Chain
An authentication technique called "zero knowledge proofs" can purportedly balance the commercial benefits of RFID in the supply chain with the privacy concerns of consumers.
Aug 12, 2005—This article was originally published by RFID Update.
August 12, 2005—The RFiD Society has published a short paper about a newly proposed approach to RFID privacy and security. It is an authentication technique called "zero knowledge proofs" that can purportedly balance the commercial benefits of RFID in the supply chain with the privacy concerns of consumers. Stephan Engberg is the leading proponent of the patented approach, and he has founded RFIDSec in an effort to commercialize it with the ZEROLEAK product line.
In essence, zero knowledge proof allows the interrogator of a tag -- i.e., the RFID reader device -- to verify its identity in a way that does not compromise any of the tag's data. (The paper linked below includes a detailed description of the concept.) Once the reader has "proven" its identity through a series of authentication commands, it is able to read the contents of the tag. The system is dual mode. While the tag is traveling through the supply chain, it is in "EPC mode" and offers all the track-and-trace functionality expected of RFID technology to enhance the supply chain. Upon checkout, the tag is switched to "privacy mode," at which point it is either totally disabled ("killed") or configured to share its identity for the purposes of subsequent warranty servicing and recalls.
There are a number of ways the paper asserts that the zero knowledge proof security methodology is complimentary to that employed by EPC:
Without more data on zero knowledge, it is hard to know how well it can live up to the claims. But one thing is for sure: the more resources that are devoted to balancing supply chain benefits with consumer privacy and security, the better for everyone involved.
Read the full paper
Login and post your comment!
Not a member?
Signup for an account now to access all of the features of RFIDJournal.com!
SEND IT YOUR WAY
RFID JOURNAL EVENTS
ASK THE EXPERTS
Simply enter a question for our experts.