Paper 2009/181

PSP: Private and Secure Payment with RFID

Erik-Oliver Blass, Anil Kurmus, Refik Molva, and Thorsten Strufe

Abstract

RFID can be used for a variety of applications, e.g., to conveniently pay for public transportation. However, achieving security and privacy of payment is challenging due to the extreme resource restrictions of RFID tags. In this paper, we propose PSP -- a secure, RFID-based protocol for privacy-preserving payment. Similar to traditional electronic cash, the user of a tag can pay access to a metro using his tag and so called {coins} of a virtual currency. With PSP, tags do not need to store valid coins, but generate them on the fly. Using Bloom filters, readers can verify the validity of generated coins offline. PSP guarantees privacy such that neither the metro nor an adversary can reveal the identity of a user or link subsequent payments. PSP is secure against {invention} and {overspending} of coins, and can reveal the identity of users trying to {doublespend} coins. Still, PSP is lightweight: it requires only a hash-function and few bytes of non-volatile memory on the tag.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
RFIDprivacypaymentecash
Contact author(s)
erik-Oliver Blass @ eurecom fr
History
2009-04-26: revised
2009-04-26: received
See all versions
Short URL
https://ia.cr/2009/181
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/181,
      author = {Erik-Oliver Blass and Anil Kurmus and Refik Molva and Thorsten Strufe},
      title = {PSP: Private and Secure Payment with RFID},
      howpublished = {Cryptology ePrint Archive, Paper 2009/181},
      year = {2009},
      note = {\url{https://eprint.iacr.org/2009/181}},
      url = {https://eprint.iacr.org/2009/181}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.