50 Ways to Break RFID Privacy
The authors present taxonomy of attacks on user privacy in RFID systems. In particular, they consider RFID systems in terms of a layered model comprising a physical layer, a communication layer, and an application layer. They classify the privacy attacks according to their layer and discuss their applicability. The classification includes two new attacks. The first attack targets the communication-layer RFID protocol by Kim et al. They then show how an attacker could perform an application-layer attack on the Luxembourg public transportation system. Finally, they show that even if all of his tags are untraceable a person may not be untraceable. They do this by exhibiting a realistic scenario in which the attacker uses the RFID profile of a person to trace him.