Flexible and Secure Secret Updating for Unidirectional Key Distribution in Rfid-Enabled Supply Chains
In USENIX Security 08, Juels, Pappu and Parno proposed a secret sharing based mechanism to alleviate the key distribution problem in RFID-enabled supply chains. Compared to existing pseudonym based RFID protocols, the secret sharing based solution is more suitable for RFID-enabled supply chains since it does not require a database of keys be distributed among supply chain parties for secure ownership transfer of RFID tags. However, this mechanism cannot resist tag tracking and tag counterfeiting attacks in supply chain systems. It is also not convenient for downstream supply chain parties to adjust the size of RFID tag collections in recovering tag keys. To address these problems, we propose a flexible and secure secret update protocol which enables each supply chain party to update tag keys in a secure and efficient manner. Our proposal enhances the previous secret sharing based mechanism in that it not only solves the flexibility problem in unidirectional key distribution, but also ensures the security for ownership transfer of tags in RFID-enabled supply chains.