1 Introduction

A wireless sensor network (WSN) is an ad-hoc based network, composed of small sensor nodes deployed in large numbers to collect critical data in the physical world, such as surveillance or monitoring monitoring of natural and manmade environments. This view is achieved by deploying massive amount of small wireless sensors, (so called sensor nodes, motes, or dust). As sensor network applications expand to perform sensitive measurements of everyday life, such an extensive use of technology will expose to many security attacks. Several security concerns [1, 2] have already been identified, and out of which violation of the user privacy becomes an increasingly important topic.

In addition to the real-life need for WSN, the very same scenario could also happen to another variation of wireless communication - the Radio Frequency Identification (RFID), which is a system that enables wirelessly massive identification and tracking of items. Two components involved in the systems are RFID tags and readers. The tags contain a radio frequency transponder and a read-only (sometimes re-writable) memory chip that contains a unique identifier. Tags get queried by readers which are more complex and usually connected to a back-end system, i.e. a database. Upon being queried, the tags respond with their IDs. The readers are capable to query multiple tagged items at once and distinguish between each one of them. We distinguish between active and passive tags. Active tags carry a small battery while the cheaper and much more common passive tags receive their power from the reader. The reader emits an electric field while querying the tags, which also powers the tags. However, in practice, both parties are constantly exposed in the untrusted environment, which might lack communication confidentiality, data integrity, or mutual authentication, and thereby damaging customer privacy[3].

In this project, we will introduce an alternative protocol of low-cost computation. This scheme is able to authenticate both parties, while user identity is not revealed to the reader side. In the other words, user privacy is ultimately preserved.

1.1 Threats to Privacy

Wireless Sensor Network: A general overview of security issues for general wireless networks can be found in [4]. Ad-hoc sensor network (ASN) is a special form of wireless sensor networks (WSN), in which the nodes can change, new nodes can be added, old nodes retired, and sometimes nodes might be moved to a different network. Here are some examples for WSN in which security concerns they raise.

1. In a naive communication scenario between two sensor mote, there is a potential possibility for an unauthorized attacker to intercept the communication, steal private secrecy, or even forge user’s identity. For instance, the unprotected sensor in vehicle might give out the vehicle and driver information to a rogue reading sensor on the roadside. Hence, without providing proper privacy and security protection, such applications of WSN is not practical.
2. WSN nodes can be used for military purposes. The sensors can either be dropped off an aircraft over enemy territory after which they lie stationary on the ground, or they are carried by each soldier and vehicle and therefore form a mobile ASN. Its goal is to detect and gain as much information as possible about enemy movements. This information is relayed to a mobile command posts that helps the commanders to make decisions about troop movements, calls for air support, etc. In this scenario it is of upmost importance to prevent the enemy from intercepting the transmitted data. In addition to this, it is very likely that some nodes fail and stop operating, or some nodes were compromised by the enemy.

Radio Frequency Identification Devices: Security aspects of RFIDs that work at different layer (Physical Layer[5], Communication Layer[6], or Application Layer[7, 8, 9]), have been proposed. We are presenting two popular applications for RFID tags and highlight their security concerns.

1. The wireless nature with no line-of-sight requirement makes RFID ideal for inventory control and fast check out. Thus, each tag embedded with a unique identifier follows a standardized electronic product code (EPC), which is going to replace the ubiquitous optical barcodes in near future.
2. The US government finally issued its first passports containing RFID (Radio Frequency ID ) chips in October 2006. The embedded chips in the new passports contains the same information in the old printed document, including including the name, nationality, sex, date of birth, place of birth, fingerprint, and a photo of the passport holder. According to government officials, the use of the RFID chip allows passports to be scanned and cross-referenced with security databases more easily. Due to the nature of communication in RFID, identity theft can be done wirelessly (within 10-300 feet range)[10], because your private information is just up there available in the air for hackers, who would hack into the device, snap personal information, and walk away. The threat of unauthorized duplication of your passport have affected millions of Americans.