A lightweight anti-desynchronization RFID authentication protocol

Radio frequency identification (RFID) technology has been widely used in ubiquitous infrastructures. However, resource constraint in the low-cost RFID systems has posed potential risks such as privacy and security problems, becoming adoption barrier for RFID-based applications. In this paper, current security issues in RFID are introduced firstly. Then, we propose a lightweight Anti-desynchronization privacy preserving RFID authentication protocol. It is particularly suitable for the low-cost RFID environment for only the capacity of one-way hash function and XOR operation is needed. In this lightweight Anti-desynchronization RFID authentication protocol, the back-end server keeps the history of the random key update to prevent the active attackers from de-synchronizing the shared secret between the tag and the back-end server. The security and the performance of the proposed protocol are analyzed as well.

[1]  Pedro Peris-López,et al.  LMAP : A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags , 2006 .

[2]  Julien Bringer,et al.  HB^+^+: a Lightweight Authentication Protocol Secure against Some Attacks , 2006, Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU'06).

[3]  Kevin Fu,et al.  Cryptanalysis of Two Lightweight RFID Authentication Schemes , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[4]  Berk Sunar,et al.  Universal Hash Functions for Emerging Ultra-Low-Power Networks , 2004 .

[5]  Ying Wang,et al.  EMAP: An efficient mutual authentication protocol for passive RFID tags , 2012, Int. J. Autom. Comput..

[6]  Selwyn Piramuthu HB and Related Lightweight Authentication Protocols for Secure RFID Tag/Reader Authentication , 2006 .

[7]  Alban Feraud,et al.  mutual authentication protocol , 2011 .

[8]  Kwangjo Kim,et al.  Enhancing Security of EPCGlobal Gen-2 RFID against Traceability and Cloning , 2006 .

[9]  Hung-Yu Chien,et al.  SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity , 2007, IEEE Transactions on Dependable and Secure Computing.

[10]  Daesung Kwon,et al.  Vulnerability of an RFID Authentication Protocol Proposed in at SecUbiq 2005 , 2006, EUC Workshops.

[11]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[12]  Dong Hoon Lee,et al.  Efficient Authentication for Low-Cost RFID Systems , 2005, ICCSA.

[13]  Robert H. Deng,et al.  Vulnerability Analysis of EMAP-An Efficient RFID Mutual Authentication Protocol , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[14]  D. M. Konidala,et al.  A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme , 2007, RFID 2007.

[15]  Markus G. Kuhn,et al.  An RFID Distance Bounding Protocol , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[16]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[17]  Manuel Blum,et al.  Secure Human Identification Protocols , 2001, ASIACRYPT.

[18]  Juan E. Tapiador,et al.  M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.

[19]  Julio C. Hernandez-Castro,et al.  Vulnerability Analysis of a Mutual Authentication Scheme under the EPC Class-1 Generation-2 Standard , 2008 .

[20]  Juan E. Tapiador,et al.  EMAP: An Efficient Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, OTM Workshops.

[21]  Hung-Yu Chien,et al.  A Lightweight Authentication Protocol for Low-Cost RFID , 2010, J. Signal Process. Syst..

[22]  Tassos Dimitriou,et al.  A Lightweight RFID Protocol to protect against Traceability and Cloning attacks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[23]  Tieyan Li,et al.  Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols , 2007, SEC.

[24]  Dong Hoon Lee,et al.  Efficient RFID Authentication Protocol for Ubiquitous Computing Environment , 2005, EUC Workshops.

[25]  István Vajda,et al.  Lightweight Authentication Protocols for Low-Cost RFID Tags , 2003 .

[26]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[27]  Hung-Yu Chien,et al.  Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards , 2007, Comput. Stand. Interfaces.

[28]  Chris J. Mitchell,et al.  RFID authentication protocol for low-cost tags , 2008, WiSec '08.