Radio Frequency Identification (RFID) refers to using tiny devices called 'tags' to carry information about people or things. The technology offers great promise, with applications in everything from supply chain management to library book tracking to more convenient credit cards. Unfortunately, the technology also raises security and privacy problems. For example, without protections, it is possible to 'clone' RFID tags and perform surreptitious tracking via RFID. I will discuss two approaches to solving these problems. The first uses cryptography, while the second leverages the Remote Attestation and Sealed Storage features of the Trusted Platform Module found in many of today's PCs.
Joint work with Andrea Soppera (BT) and David Wagner (UC Berkeley).