Symmetric Key-Based Lightweight Authentication Protocols for RFID Security

Radio Frequency Identification (RFID) is being used in many industries from inventory tracking to human implants. However, there are many security issues in RFID systems. Many attacks like privacy related attacks, eavesdropping, replay attack, man-in-the-middle attack, de-synchronization attack, etc. are possible in RFID systems. Due to these security problems, an adversary can get important information which can be used to track the location of a person, steal information, etc. Many researchers have proposed protocols to cater for security. However, there are several drawbacks in existing protocols. For example, they do not support both active and passive tags. In many protocols, reader is not authenticated by server. Many protocols cannot be implemented in practice due to limitations in RFID tag computing ability. This motivated us to explore new protocols which can satisfy all security requirements of authentication protocols for RFID security at low cost. In this paper, we propose a suite of lightweight authentication protocols for RFID security which provide security against all known attacks. We have compared the security provided by the proposed protocols with those of the existing protocols, and shown that the proposed protocols meet most of the security requirements of authentication protocols for RFID security. Essentially, we propose two protocols with tag anonymity as an option. The first protocol ensures all security requirements at low cost. In the second and improved protocol, communication between server and reader is greatly reduced.

[1]  V. R. Vijaykumar,et al.  Hardware implementation of tag-reader mutual authentication protocol for RFID systems , 2014, Integr..

[2]  Wenqi Zhang,et al.  A Mutual Authentication Security RFID Protocol Based on Time Stamp , 2015, 2015 First International Conference on Computational Intelligence Theory, Systems and Applications (CCITSA).

[3]  Guang Gong,et al.  Hummingbird: Ultra-Lightweight Cryptography for Resource-Constrained Devices , 2010, Financial Cryptography Workshops.

[4]  Roy Want,et al.  An introduction to RFID technology , 2006, IEEE Pervasive Computing.

[5]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[6]  Daniel S. Yeung,et al.  A brief survey on current RFID applications , 2009, 2009 International Conference on Machine Learning and Cybernetics.

[7]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[8]  Jie Zhang,et al.  A new authentication RFID protocol with ownership transfer , 2013, 2013 International Conference on ICT Convergence (ICTC).

[9]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[10]  Ying Liu,et al.  A RFID Mutual Authentication Security Protocol Design and Analysis , 2014, 2014 Ninth International Conference on P2P, Parallel, Grid, Cloud and Internet Computing.

[11]  Yanjun Wang,et al.  Securing RFID systems conforming to EPC Class 1 Generation 2 standard , 2010, Expert Syst. Appl..

[12]  Min Chen,et al.  An Efficient Anonymous Authentication Protocol for RFID Systems Using Dynamic Tokens , 2015, 2015 IEEE 35th International Conference on Distributed Computing Systems.

[13]  Daniel W. Engels,et al.  I. Radio-Frequency Identification: Security Risks and Challenges , 2003 .

[14]  Hari Om,et al.  A Secure Authentication Scheme for RFID Systems , 2016 .

[15]  Daniel W. Engels,et al.  RFID Systems and Security and Privacy Implications , 2002, CHES.

[16]  Chunming Wu,et al.  Scalable pseudo random RFID private mutual authentication , 2010, 2010 2nd International Conference on Computer Engineering and Technology.

[17]  Ayman I. Kayssi,et al.  A PUF-based ultra-lightweight mutual-authentication RFID protocol , 2011, 2011 International Conference for Internet Technology and Secured Transactions.

[18]  Satya Bagchi,et al.  A Coding Theory Based Ultralightweight RFID Authentication Protocol with CRC , 2017, Wirel. Pers. Commun..

[19]  Jian Su,et al.  SLAP: Succinct and Lightweight Authentication Protocol for low-cost RFID system , 2018, Wirel. Networks.

[20]  Zhang Lei,et al.  Research on a provable security RFID authentication protocol based on Hash function , 2016 .

[21]  László Monostori,et al.  A survey of applications and requirements of unique identification systems and RFID techniques , 2011, Comput. Ind..

[22]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[23]  Srinivas Sampalli,et al.  Lightweight protocol for anonymity and mutual authentication in RFID systems , 2015, 2015 12th Annual IEEE Consumer Communications and Networking Conference (CCNC).

[24]  Martin Feldhofer,et al.  A Case Against Currently Used Hash Functions in RFID Protocols , 2006, OTM Workshops.