RFID (Radio-Frequency IDentification) tags are microchips that communicate via radio. In common use today, they promise to become a ubiquitous tool for labeling objects and identifying people. Protection against counterfeiting and privacy infringement in RFID systems is therefore an imperative. The unifying theme of this two-part talk is key distribution, a perennial security challenge in computing systems that is particularly tricky for RFID. I'll discuss human-implantable RFID devices and the intricate privacy and security problems associated with these "prosthetic biometrics." I'll then introduce a new approach to distributing the keys required for privacy protection and authentication in RFID-enhanced supply chains - tracing the lifecycle of tags from the warehouse to the loading dock to the hands of the consumer.