A lightweight mutual authentication protocol for RFID networks

Radio frequency identification (RFID) technology is expected to become an important and ubiquitous infrastructure technology of supply chain processes and customer service. The low-cost tag, or so-called passive tag, will be likely the factor for widespread adoption of the technology. It must be noticed that the deployment of such tags may create new threats to user privacy due to the powerful tracking capability of the tags. As a result, some sort of security issues must be imposed on the passive tags for addressing the privacy problem. However, providing security in such tags is a challenging task because they are highly resource constrained and cannot support strong cryptography. This paper provides both discussion on the requirements and restrictions of security implementation of a RFID system. It also examines the features and issues pertinent to several existing RFID security solution. Finally, this paper suggests the use of our proposed lightweight security protocol based on Ohkubo's scheme, which protects user privacy using a hash chain mechanism and also provides an analysis of the protocol

[1]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[2]  Daniel W. Engels,et al.  RFID Systems and Security and Privacy Implications , 2002, CHES.

[3]  Sandra Dominikus,et al.  Strong Authentication for RFID Systems Using the AES Algorithm , 2004, CHES.

[4]  Ari Juels,et al.  Minimalist Cryptography for Low-Cost RFID Tags , 2004, SCN.

[5]  Berk Sunar,et al.  Energy Comparison of AES and SHA-1 for Ubiquitous Computing , 2006, EUC Workshops.

[6]  Berk Sunar,et al.  Universal Hash Functions for Emerging Ultra-Low-Power Networks , 2004 .

[7]  Kwangjo Kim,et al.  Mutual Authentication Protocol for Low-cost RFID , 2005, CRYPTO 2005.

[8]  Christian Damsgaard Jensen,et al.  Zero-knowledge Device Authentication: Privacy & Security Enhanced RFID preserving Business Value and Consumer Convenience , 2004, PST.

[9]  István Vajda,et al.  Lightweight Authentication Protocols for Low-Cost RFID Tags , 2003 .

[10]  Hongjun Wu,et al.  Ecrypt Network of Excellence in Cryptology , 2007 .

[11]  Vincent Rijmen,et al.  AES implementation on a grain of sand , 2005 .

[12]  Ronald L. Rivest,et al.  The blocker tag: selective blocking of RFID tags for consumer privacy , 2003, CCS '03.

[13]  François-Xavier Standaert,et al.  State of the Art in Hardware Architectures , 2005 .

[14]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.