Degree Name

Doctor of Philosophy


School of Computer Science and Software Engineering


This thesis aims to create a secure and practical RFID security framework, particularly on providing an adequate privacy model and an adversary model for RFID applications where an authentication protocol for RFID tag is required. Our framework can be used to assess the performance of RFID authentication protocols that are conformed to a common system model. We first look into other proposed privacy models and compares their performances. We investigate their limitations on modelling some types of RFID authentication protocols. Our privacy model defines what we want to achieve when providing privacy protections to RFID systems. Examples like what we call a secure system, what are the privacy goals and how we test an RFID authentication protocols are defined in our privacy model. Our adversary model addresses the abilities of adversaries that cause harm to RFID systems. Its purpose is to capture the most common and possible attacks to RFID systems that can be launched in the real world. These modellings together provide us an effective tool to look into the limitations and possibilities of the RFID authentication protocol begin assessed. Based on our security framework, we give an example RFID application on ownership transfer.



Unless otherwise indicated, the views expressed in this thesis are those of the author and do not necessarily represent the views of the University of Wollongong.