An improved authentication protocol for mobile agent device in RFID environment

In the past researches, most of the authentication protocols were designed in an effort to solve the RFID security and privacy problem regarding the encrypted communication between the database and readers, and readers and tags. Based on the proposal of Mobile Agent device for RFID privacy Protection (MARP), some security problems have been exposed. Later on, protecting the privacy with a mobile agent device in RFID environment (eMARP) has shown improvement on MARP. The mobile agent device provides more powerful computation than the tag, in addition to the privacy protection along with the forgery detection. However, we found out that the authentication protocol of eMARP could not resist location tracking. Therefore, we will discuss and demonstrate that the eMARP-based RFID system does not have ability to achieve location tracking in this paper. We have improved the authentication protocol of eMARP-based RFID system and also have eliminated its vulnerability.

[1]  Sarah Spiekermann,et al.  Critical RFID Privacy-Enhancing Technologies , 2009, IEEE Security & Privacy.

[2]  Brian King,et al.  Security Requirements for RFID Computing Systems , 2008, Int. J. Netw. Secur..

[3]  Jengchung V. Chen,et al.  RFID in retail: a framework for examining consumers' ethical perceptions , 2008, Int. J. Mob. Commun..

[4]  Sang-Soo Yeo,et al.  MARP: Mobile Agent for RFID Privacy Protection , 2006, CARDIS.

[5]  Ari Juels,et al.  Defining Strong Privacy for RFID , 2007, PerCom Workshops.

[6]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[7]  Tianjie Cao,et al.  Cryptanalysis of Two RFID Authentication Protocols , 2009, Int. J. Netw. Secur..

[8]  Pawel Rotter,et al.  A Framework for Assessing RFID System Security and Privacy Risks , 2008, IEEE Pervasive Computing.

[9]  Peter D. DeVries The state of RFID for effective baggage tracking in the airline industry , 2008, Int. J. Mob. Commun..

[10]  Stefanos Gritzalis,et al.  Security analysis of the song-mitchell authentication protocol for low-cost RFID tags , 2009, IEEE Communications Letters.

[11]  Simson L. Garfinkel,et al.  RFID privacy: an overview of problems and proposed solutions , 2005, IEEE Security & Privacy Magazine.

[12]  Min-Shiang Hwang,et al.  Privacy and Security Requirements for RFID Applications , 2009 .

[13]  Bo Sheng,et al.  Secure and Serverless RFID Authentication and Search Protocols , 2008, IEEE Transactions on Wireless Communications.

[14]  Christian Hirt Radio Frequency Identification - RFID , 2004 .

[15]  Min-Shiang Hwang,et al.  An authentication protocol for low-cost RFID tags , 2011, Int. J. Mob. Commun..

[16]  Andrew S. Tanenbaum,et al.  The evolution of RFID security , 2006, IEEE Pervasive Computing.

[17]  Sang-Soo Yeo,et al.  Protecting Your Privacy with a Mobile Agent Device in RFID Environment , 2009, Wirel. Pers. Commun..

[18]  Kwoting Fang,et al.  Enhanced monitoring of tuberculosis patients by using RFID technologies , 2010, Int. J. Mob. Commun..

[19]  Jiann-Liang Chen,et al.  Architecture design and performance evaluation of RFID object tracking systems , 2007, Comput. Commun..

[20]  Shin Yuan Hung,et al.  Understanding the key success factors of RFID use in Supply Chain Management: a Delphi study , 2010, Int. J. Mob. Commun..

[21]  Wen-Shenq Juang,et al.  Robust and efficient authenticated key agreement in mobile communications , 2009, Int. J. Mob. Commun..