Implementing public-key cryptography on passive RFID tags is practical

Alex Arbit, Yoel Livne, Yossef Oren*, Avishai Wool

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review


Passive radio-frequency identification (RFID) tags have long been thought to be too weak to implement public-key cryptography: It is commonly assumed that the power consumption, gate count and computation time of full-strength encryption exceed the capabilities of RFID tags. In this paper, we demonstrate that these assumptions are incorrect. We present two low-resource implementations of a 1,024-bit Rabin encryption variant called WIPR—in embedded software and in hardware. Our experiments with the software implementation show that the main performance bottleneck of the system is not the encryption time but rather the air interface and that the reader’s implementation of the electronic product code Class-1 Generation-2 RFID standard has a crucial effect on the system’s overall performance. Next, using a highly optimized hardware implementation, we investigate the trade-offs between speed, area and power consumption to derive a practical working point for a hardware implementation of WIPR. Our recommended implementation has a data-path area of 4,184 gate equivalents, an encryption time of 180  ms and an average power consumption of 11 μW, well within the established operating envelope for passive RFID tags.

Original languageEnglish
Pages (from-to)85-99
Number of pages15
JournalInternational Journal of Information Security
Issue number1
StatePublished - Feb 2014


  • RFID
  • Security
  • Supply chain


Dive into the research topics of 'Implementing public-key cryptography on passive RFID tags is practical'. Together they form a unique fingerprint.

Cite this