PEARL

Project leader: prof. dr. Sandro Etalle, TUe (1 January 2007 till 1 January 2011)

   >  related interview

   >  download pdf

The PEARL project focused on developing practically usable services for the security of RFID systems and on designing a suitable validation method to determine whether such a system is secure. Radio Frequency Identification (RFID) is a technology based on wireless communication between a RFID label (a chip with an antenna) and a reader. This technology makes it possible to remotely identify an object to which the transponder has been attached. The cheapest type of RFID labels, with a price of just a few cents per label, contain no batteries and have a limited calculation capacity, memory and communication range. Standard ways of achieving security and privacy require relatively powerful processors and are therefore not directly applicable for RFIDs.

Project results  

Results were achieved in three areas:

    1. Various weaknesses were found in algorithms developed for RFID systems.
    2. Subsequently new algorithms were written in the project to resist attacks.
    3. The project has revealed that existing theories about anonymity and unlinkability do not contradict each other but instead compliment each other.

Follow-up activities
In follow-up projects of PEARL at Radboud University Nijmegen, research has been done into new, privacy friendly solutions for the security of electronic transactions. Furthermore, contract research is being carried out for the Ministry of the Interior and Kingdom Relations into the new Government Pass (pass for gaining entry into government buildings) and for the House of Representatives and the Ministry of Transport and Infrastructure into security aspects of the Dutch transit smart card (OV-chipkaart). The French company Oridao is going to sponsor a PhD student at Radboud University Nijmegen to do research into the security of RFID products. At Eindhoven University of Technology contract research is being done to analyse the security of smart meter protocols. Privacy research at Eindhoven University of Technology will be continued further in the Trusted Healthcare Services (THeCS) Project of the COMMIT programme.

Universities and partners involved

  •     Technical University Eindhoven
  •     Radboud University Nijmegen
  •     Technische University Delft
  •     Philips
  •     TNO ICT