Article

Extending the EPC network: the potential of RFID in anti-counterfeiting

Authors:
Thorsten Staake

University of St. Gallen, Switzerland

University of St. Gallen, Switzerland
View Profile

,
Frédéric Thiesse

University of St. Gallen, Switzerland

University of St. Gallen, Switzerland
View Profile

,
Elgar Fleisch

University of St. Gallen, Switzerland

University of St. Gallen, Switzerland
View Profile

SAC '05: Proceedings of the 2005 ACM symposium on Applied computingMarch 2005Pages 1607–1612https://doi.org/10.1145/1066677.1067041

Published:13 March 2005Publication History

SAC '05: Proceedings of the 2005 ACM symposium on Applied computing

Pages 1607–1612

ABSTRACT

The International Chamber of Commerce estimates that seven percent of the world trade is in counterfeit goods, with the counterfeit market being worth 500 billion USD in 2004. Many companies already use overt anti-counterfeiting measures like holograms to confine counterfeiting and product piracy. However, current techniques are not suited for automated tests of product authenticity as required in warehouses, or do not provide the required level of security. In this context, Radio Frequency Identification (RFID) is a promising approach, providing an extensible, flexible and secure measure against counterfeiting. Unique product identification numbers together with an infrastructure to seamlessly share RFID-related data over the Internet are a basis of efficient Track & Trace applications. An emerging infrastructure is the EPC Network, which can be used to provide pedigree information of products and makes plausibility checks possible. In this paper, we propose a solution for products requiring authentication mechanisms that go beyond track & trace. Therefore, the evolving EPC Network should comprehend the functionality to handle tags which support strong cryptography. We suggest extending the upcoming EPC Network infrastructure with an EPC Product Authentication Service. Moreover, the development of cost-effective, dedicated authentication devices as well as the belonging standardization is motivated.

References

ICC Policy Statement (2003) The fight against piracy and counterfeiting of intellectual property. Submitted to the 35th World Congress, Marrakech, Document no 450/986 www.iccwbo.org/home/intellectual_property/fight_against_piracy.pdfGoogle Scholar
Robin Koh, Edmund W. Schuster, Indy Chackrabarti, Attilio Bellman (2003) Securing the Pharmaceutical Supply Chain. White Paper, Auto-ID Labs, Massachusetts Institute of Technology, www.autoidlabs.com/whitepapers/mitautoid-wh021.pdfGoogle Scholar
David L. Brock (2001) The Electronic Product Code (EPC) - A Naming Scheme for Physical Objects. White Paper, Auto-ID Labs, Massachusetts Institute of Technology, www.autoidlabs.com/whitepapers/MIT-AUTOID-WH-002.pdfGoogle Scholar
Organization for Economic Co-operation and Development (OECD) (1998) The Economic Impact of Counterfeiting. www.oecd.org/dataoecd/11/11/2090589.pdfGoogle Scholar
Kommission der Europäischen Gemeinschaft (1998, 2000) Grünbuch zur Bekämpfung von Nachahmungen und Produkt- und Dienstleistungspiraterie im Binnenmarkt. europa.eu.int/comm/internal_market/en/indprop/piracy/com789de.htmGoogle Scholar
World Health Organization (2003) Counterfeit medicines, Frequently Asked Questions. www.who.int/medicines/organization/qsm/activities/qualityassurance/cft/counterfeir_faq.htmGoogle Scholar
U. S. Department of Health and Human Services, Food and Drug Administration (2004) Combating Counterfeit Drugs, A Report of the Food and Drug Administration. http://www.fda.gov/oc/initiatives/counterfeit/report02_04.pdfGoogle Scholar
ICC Counterfeiting Intelligence Bureau (2003) The International Anti-Counterfeiting Directory 2003. www.iccwbo.org/ccs/cib_bureau/CIBDirectory.pdfGoogle Scholar
RFID Journal (2004) Frequently Asked Questions, http://www.rfidjournal.com/article/articleview/207Google Scholar
Sanjay E. Sarma, Stephen A. Weis, Daniel W. Engels (2002) RFID Systems, Security & Privacy Implications. White Paper, Auto-ID Labs, Massachusetts Institute of Technology, www.autoidlabs.org/whitepapers/MIT-AUTOID-WH-014.pdfGoogle Scholar
Dirk Henrici, Paul Mülller (2004) Hash-based Enhancement of Location Privacy for Radio-Frequency Identification Devices using Varying Identifier. Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW'04) Google ScholarDigital Library
Istvan Vajda, Levente Buttyan (2003) Lightweight authentication protocols for low-cost RFID tags. Second Workshop on Security in Ubiquitous Computing - Ubicomp 2003, Seattle, WA, USA.Google Scholar
Jeffrey Hoffstein, Jill Pipher, Joseph H. Silverman (1998) NTRU: A Ring-Based Public Key Cryptosystem. Lecture Notes in Computer Science 1423, 267--288, Springer-Verlag, Berlin Google ScholarCross Ref
Federal Information Processing Standards Publication 197 (2003) Specification for the Advanced Encryption Standard (AES)Google Scholar
Martin Feldhofer (2004) A Proposal for an Authentication Protocol in a Security Layer for RFID Smart Tags. IEEE Proceedings of MELECON 2004, Vol. 2, pp. 759--762Google Scholar
David J. Wheeler, Robert M. Needham (1995) TEA, a Tiny Encryption Algorithm. Technical report, Computer Laboratory, University of Cambridge, www.ftp.cl.cam.ac.uk/ftp/papers/djw-rmn/djw-rmn-tea.htmlGoogle Scholar
Federal Information Processing Standards Publication 180-1 (1995) Secure Hash StandardGoogle Scholar
Infineon Technologies (2001) Security and Chip Card ICs, SLE 55R01 Short Product Information, www.infineon.com/cgi/ecrm.dll/ecrm/scripts/public_download.jsp?oid=29991& parent_oid=14537Google Scholar
Infineon Technologies (2004) Secure Mobile Solutions - Security, SLE 66CL80P Short Product Information. www.infineon.com/cmc_upload/documents/036/428/SPI_SLE66 CL80P_0102.pdfGoogle Scholar
Press Release from the World Customs Organization (2003) www.wcoomd.org/ie/en/ press/ Counterfeiting_E.htmGoogle Scholar
World Trade Organization (1986-1994) Agreement Establishing the World Trade Organization, Annex 1C, Agreement on Trade-Related Aspects of Intellectual Property Rights. www.wto.org/english/docs_e/legal_e/27-trips.pdfGoogle Scholar

Index Terms

Extending the EPC network: the potential of RFID in anti-counterfeiting
1. Information systems
  1. Information systems applications

Recommendations

Strengthening EPC tags against cloning
WiSe '05: Proceedings of the 4th ACM workshop on Wireless security

The EPC (Electronic Product Code) tag is a form of RFID (Radio-Frequency IDentification) device that is emerging as a successor to the printed barcode. Like barcodes, EPC tags emit static codes that serve to identify and track shipping containers and ...
Read More
EPC RFID tag security weaknesses and defenses: passport cards, enhanced drivers licenses, and beyond
CCS '09: Proceedings of the 16th ACM conference on Computer and communications security

EPC (Electronic Product Code) tags are industry-standard RFID devices poised to supplant optical barcodes in many applications. We explore the systemic risks and challenges created by the increasingly common use of EPC for security applications. As a ...
Read More
Shoehorning security into the EPC tag standard
SCN'06: Proceedings of the 5th international conference on Security and Cryptography for Networks

The EPCglobal Class-1 Generation-2 UHF tag standard is certain to become the de facto worldwide specification for inexpensive RFID tags. Because of its sharp focus on simple “license plate” tags, it supports only the most rudimentary of security and ...
Read More

Comments

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Published in
SAC '05: Proceedings of the 2005 ACM symposium on Applied computing
March 2005
1814 pages
ISBN:1581139640
DOI:10.1145/1066677
Conference Chair:
Hisham M. Haddad
Kennesaw State University
,
Editor:
Lorie M. Liebrock
New Mexico Institute of Mining and Technology, Socorro, NM
,
Program Chairs:
Andrea Omicini
Alma Mater Studiorum, Universita di Bologna, Italy
,
Roger L. Wainwright
Univerity of Tulsa, OK
Copyright © 2005 ACM
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
- Published: 13 March 2005
Permissions
Request permissions about this article.
Request Permissions

Check for updates
Author Tags
RFID
authentication
counterfeiting
track & trace
Qualifiers
- Article
Conference

Acceptance Rates
Overall Acceptance Rate1,650of6,669submissions,25%
Funding Sources
Other Metrics
View Article Metrics

Article Metrics
- 103
  Total Citations
  View Citations
- 3,324
  Total Downloads
- Downloads (Last 12 months)31
- Downloads (Last 6 weeks)5
Other Metrics
View Author Metrics
Cited By
View all

PDF Format

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Extending the EPC network: the potential of RFID in anti-counterfeiting

SAC '05: Proceedings of the 2005 ACM symposium on Applied computing

ABSTRACT

References

Cited By

Index Terms

Recommendations

Strengthening EPC tags against cloning

EPC RFID tag security weaknesses and defenses: passport cards, enhanced drivers licenses, and beyond

Shoehorning security into the EPC tag standard