An Efficient RFID Authentication Protocol for Low-Cost Tags

With the increased popularity of RFID applications, various authentication protocols have been proposed to provide security and privacy for RFID tags. However, most protocols require a high computational cost in verifying the tagpsilas reply in the authentication server. This paper presents an efficient mutual authentication protocol using one-way functions only. In the proposed protocol, the authentication sever just needs to compute very limited times to find out the identifier of the RFID tag irrespective of the total number of the tags. Also, the response of the tag is changed in every authentication to avoid tag tracing. In addition, a challenge-response approach is performed to overcome tag cloning and replay attack. Furthermore, the proposed protocol is secure against eavesdropping, compromising attack, denial of service attack and other common attacks.

[1]  Dong Sam Ha,et al.  An overview of passive RFID , 2007, IEEE Communications Magazine.

[2]  Stephen A. Weis Security and Privacy in Radio-Frequency Identification Devices , 2003 .

[3]  Sandra Dominikus,et al.  Strong Authentication for RFID Systems Using the AES Algorithm , 2004, CHES.

[4]  Hung-Yu Chien,et al.  Security of ultra-lightweight RFID authentication protocols and its improvements , 2007, OPSR.

[5]  Gene Tsudik,et al.  YA-TRAP: yet another trivial RFID authentication protocol , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06).

[6]  David A. Wagner,et al.  Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[7]  Yang Xiao,et al.  Security and privacy in RFID and applications in telemedicine , 2006, IEEE Commun. Mag..

[8]  Hung-Yu Chien,et al.  SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity , 2007, IEEE Transactions on Dependable and Secure Computing.

[9]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[10]  Bo Sheng,et al.  Secure and Serverless RFID Authentication and Search Protocols , 2008, IEEE Transactions on Wireless Communications.

[11]  Pawel Rotter,et al.  A Framework for Assessing RFID System Security and Privacy Risks , 2008, IEEE Pervasive Computing.

[12]  T. Sejnowski,et al.  RFID authentication protocol for low-cost tags , 2001 .

[13]  Lei Hu,et al.  Dynamic Key-Updating: Privacy-Preserving Authentication for RFID Systems , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom'07).

[14]  Leonid Bolotnyy,et al.  Physically Unclonable Function-Based Security and Privacy in RFID Systems , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom'07).

[15]  Alfred Menezes,et al.  Handbook of Applied Cryptography , 2018 .

[16]  Tassos Dimitriou,et al.  A Lightweight RFID Protocol to protect against Traceability and Cloning attacks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[17]  Hun-wook Kim,et al.  Symmetric Encryption in RFID Authentication Protocol for Strong Location Privacy and Forward-Security , 2006, 2006 International Conference on Hybrid Information Technology.

[18]  David A. Wagner,et al.  Security and Privacy Issues in E-passports , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[19]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[20]  Roy Want,et al.  An introduction to RFID technology , 2006, IEEE Pervasive Computing.

[21]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[22]  Tim Kerins,et al.  Public-Key Cryptography for RFID-Tags , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[23]  Peter G. Neumann,et al.  Risks of RFID , 2007, IEEE Engineering Management Review.

[24]  Pattabhiraman Krishna,et al.  RFID Infrastructure , 2007, IEEE Communications Magazine.

[25]  Andrew S. Tanenbaum,et al.  The evolution of RFID security , 2006, IEEE Pervasive Computing.

[26]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[27]  Raktim Pal,et al.  Auto-ID: managing anything, anywhere, anytime in the supply chain , 2005, CACM.

[28]  Roy Want,et al.  RFID Technology and Applications , 2006, IEEE Pervasive Computing.

[29]  Tassos Dimitriou,et al.  A secure and efficient RFID protocol that could make big brother (partially) obsolete , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[30]  Hung-Yu Chien,et al.  Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards , 2007, Comput. Stand. Interfaces.