SEAS: A Secure and Efficient Anonymity Scheme for Low-Cost RFID Tags

In this paper, we propose SEAS, a novel privacy preserving, anonymous authentication scheme for RFID tags, which allows the tags to use pseudonyms instead of their true identity for authentication. Using SEAS, a tag generates random numbers and uses them to create a pseudonym as its identity for authentication. The pseudonym does not reveal the identity of the tag and the pseudonyms of multiple authentications appear random and uncorrelated to the adversary. A pseudonym can only be deciphered by the back-end authentication authority to identify the tag. No other entity in the network can link the pseudonym to the identity of the tag. Our scheme is efficient, with a tag needing to perform only simple operations such as XOR, bits shifting, bits concatenation, and random number generation. We perform security analysis of our scheme to show its effectiveness against different forms of attacks. We also perform comparison of our scheme with existing schemes in terms of efficiency in the use of resources. Our scheme performs effectively, while at the same time being better than the other popular schemes in the literature in terms of cost and computation efficiency.

[1]  C. Chatmon Secure Anonymous RFID Authentication Protocols , 2022 .

[2]  Sandra Dominikus,et al.  Symmetric Authentication for RFID Systems in Practice , 2005 .

[3]  Jonathan Katz,et al.  Parallel and Concurrent Security of the HB and HB+ Protocols , 2006, EUROCRYPT.

[4]  Jonathan Katzand,et al.  Parallel and Concurrent Security of the HB and HB + Protocols , 2006 .

[5]  Selwyn Piramuthu,et al.  HB and Related Lightweight Authentication Protocols for Secure RFID Tag/Reader Authentication , 2006 .

[6]  Mikko Lehtonen,et al.  From Identification to Authentication – A Review of RFID Product Authentication Techniques , 2008 .

[7]  Kwangjo Kim,et al.  Mutual Authentication Protocol for Low-cost RFID , 2005, CRYPTO 2005.

[8]  Tassos Dimitriou,et al.  A secure and efficient RFID protocol that could make big brother (partially) obsolete , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[9]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[10]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[11]  Lejla Batina,et al.  RFID-Tags for Anti-counterfeiting , 2006, CT-RSA.

[12]  Sandra Dominikus,et al.  Strong Authentication for RFID Systems Using the AES Algorithm , 2004, CHES.

[13]  M. Feldhofer An authentication protocol in a security layer for RFID smart tags , 2004, Proceedings of the 12th IEEE Mediterranean Electrotechnical Conference (IEEE Cat. No.04CH37521).

[14]  Gene Tsudik,et al.  YA-TRAP: yet another trivial RFID authentication protocol , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PERCOMW'06).

[15]  염흥렬,et al.  [서평]「Applied Cryptography」 , 1997 .

[16]  David A. Wagner,et al.  Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[17]  Matthew J. B. Robshaw,et al.  An Active Attack Against HB +-A Provably Secure Lightweight Authentication Protocol , 2022 .

[18]  Martin Feldhofer,et al.  A Case Against Currently Used Hash Functions in RFID Protocols , 2006, OTM Workshops.

[19]  Dong Hoon Lee,et al.  Efficient Authentication for Low-Cost RFID Systems , 2005, ICCSA.

[20]  Manuel Blum,et al.  A Secure Human-Computer Authentication Scheme , 2000 .

[21]  Ari Juels,et al.  Minimalist Cryptography for Low-Cost RFID Tags , 2004, SCN.

[22]  Tassos Dimitriou,et al.  A Lightweight RFID Protocol to protect against Traceability and Cloning attacks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).