Privacy-preserving authentication with low computational overhead for RFID systems

Providing secure authentication in a resource limited Radio Frequency Identification (RFID) system is a challenging task. To address this problem, we propose a High-Performance RFID authentication protocol, HPA, based on AVL tree which is a highly balanced binary search tree. In the protocol, each tag of a RFID system is associated to a node on an AVL tree. It shares a unique secret key with the database and each key is stored in a node on the tree. Compared with existing RFID schemes, HPA has two salient features: logarithmic complexity of searching a node and identifying a tag; much lower computational overhead and storage cost. Simultaneously, HPA is secure enough to defend against both passive and active attacks.

[1]  Tassos Dimitriou,et al.  A Lightweight RFID Protocol to protect against Traceability and Cloning attacks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[2]  David A. Wagner,et al.  A Scalable, Delegatable Pseudonym Protocol Enabling Ownership Transfer of RFID Tags , 2005, IACR Cryptol. ePrint Arch..

[3]  Tassos Dimitriou,et al.  A secure and efficient RFID protocol that could make big brother (partially) obsolete , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[4]  David A. Wagner,et al.  Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[5]  William J. Collins Data Structures and the Standard Template Library , 2002 .

[6]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[7]  Philippe Oechslin,et al.  A scalable and provably secure hash-based RFID protocol , 2005, Third IEEE International Conference on Pervasive Computing and Communications Workshops.

[8]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[9]  Lei Hu,et al.  Dynamic Key-Updating: Privacy-Preserving Authentication for RFID Systems , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications (PerCom'07).

[10]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[11]  Dong Hoon Lee,et al.  Efficient Authentication for Low-Cost RFID Systems , 2005, ICCSA.

[12]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[13]  Martin E. Hellman,et al.  A cryptanalytic time-memory trade-off , 1980, IEEE Trans. Inf. Theory.

[14]  Andrei V. Kelarev,et al.  The Theory of Information and Coding , 2005 .

[15]  Ari Juels,et al.  Minimalist Cryptography for Low-Cost RFID Tags , 2004, SCN.

[16]  Philippe Oechslin,et al.  Reducing Time Complexity in RFID Systems , 2005, Selected Areas in Cryptography.