Secure RFID Identification and Authentication with Triggered Hash Chain Variants

In this paper, we propose two RFID identification and authentication schemes based on the previously proposed triggered hash chain scheme by Henrici and Muller. The schemes are designed to mitigate the shortcomings observed in the triggered hash chain scheme and to ensure privacy preserving identification, tag-reader mutual authentication, as well as forward-privacy in the case of RFID tags that have been compromised. The first scheme uses a challenge-response mechanism to defend against an obvious weakness of the triggered hash chain scheme. The second scheme uses an authenticated monotonic counter to defend against a session linking attack that the first scheme is vulnerable to. We compare the level of security offered by our proposed schemes against other previous schemes and find that the schemes perform well, while keeping within reasonable overheads in terms of computational, storage and communication requirements.

[1]  Paul Müller,et al.  Providing Security and Privacy in RFID Systems Using Triggered Hash Chains , 2008, 2008 Sixth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom).

[2]  Tassos Dimitriou,et al.  A Lightweight RFID Protocol to protect against Traceability and Cloning attacks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[3]  Gene Tsudik,et al.  YA-TRAP: yet another trivial RFID authentication protocol , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06).

[4]  Yunhao Liu,et al.  Dynamic Key-Updating: Privacy-Preserving Authentication for RFID Systems , 2007, PerCom.

[5]  Philippe Oechslin,et al.  A scalable and provably secure hash-based RFID protocol , 2005, Third IEEE International Conference on Pervasive Computing and Communications Workshops.

[6]  Leslie Lamport,et al.  Password authentication with insecure communication , 1981, CACM.

[7]  Koutarou Suzuki,et al.  Cryptographic Approach to “Privacy-Friendly” Tags , 2003 .

[8]  Roberto Di Pietro,et al.  RIPP-FS: An RFID Identification, Privacy Preserving Protocol with Forward Secrecy. , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[9]  Tassos Dimitriou,et al.  A secure and efficient RFID protocol that could make big brother (partially) obsolete , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[10]  C. Chatmon Secure Anonymous RFID Authentication Protocols , 2022 .