Abstract
As industries aggressively deploy Radio Frequency IDentification application systems, the user privacy invasion and system security threats are increasingly concernd by individuals and organizations. Recently several hash-based mutual authentication schemes have been proposed to resolve security-related problems. However, previous schemes either suffer from security loopholes or have system efficiency problem for identity match process. In this paper, the security flaws of two recently proposed hash-based authentication schemes are analyzed at first. Based on this analysis, we identify the security and privacy criterions for the authentication process of RFID systems, and propose a new mutual authentication scheme to eliminate possible security flaws and enhance privacy protection to the owner of an object with RFID tag attached on it. In addition, we develop an efficient identity match and retrieval mechanism to relieve the heavy computation load of traditional match scheme between received tag identity and records in backend database of RFID systems.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Security in Pervasive Computing, pp. 201–212 (2003)
Ohkubo, M., Suzki, K., Kinoshita, S.: Cryptographic Approach to ’Privacyfriendly’ Tags. In: RFID Privacy Workshop, MA, USA, MIT, Cambridge (2003)
Henrici, D., Müller, P.: Hash-based Enhancement of Location Privacy for Radio Frequency Identification Devices using Varying Identifiers. In: Workshop on Pervasive Computing and Communications Security (PerSec 2004) at IEEE PerCom Workshop 2004, Orlando, Florida, March 14-17, 2004, IEEE, Los Alamitos (2004)
Yuksel, K.: Universal Hashing for Ultra-Low-Power Cryptographic Hardware Applications, Master Thesis, Dept. of Electronical Engineering, WPI (2004)
Park, J.-S., Lee, I.-Y.: RFID Authentication Protocol Using ID Synchronization in Insure Communication. In: The International Conference on Hybrid Information Technology (ICHIT 2006), vol. 2, pp. 664–667 (2006)
Yang, J., Park, J., Lee, H., Ren, K., Kim, K.: Mutual Authentication Protocol for Low-cost RFID. In: The Encrypt Workshop on RFID and Lightweight Crypto (2005)
An, Y., Oh, S.: RFID System for User’s Privacy Protection. In: Asia-Pacific Conference on Communications, pp. 516–519 (2005)
Osaka, K., Takagi, T., Yamazaki, K., Takahashi, O.: An Efficient and Secure RFID Security Method with Ownership Transfer. IEEE ICCIAS 2, 1090–1095 (2006)
Kim, H.-W., Lim, S.-Y., Lee, H.-J.: Symmetric Encryption in RFID Authentication Protocol for Strong Location Privacy and Forward-Security. In: the International Conference on Hybrid Information Technology (ICHIT 2006), vol. 2, pp. 718–723 (2006)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Lo, N.W., Yeh, KH. (2007). Novel RFID Authentication Schemes for Security Enhancement and System Efficiency. In: Jonker, W., Petković, M. (eds) Secure Data Management. SDM 2007. Lecture Notes in Computer Science, vol 4721. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-75248-6_15
Download citation
DOI: https://doi.org/10.1007/978-3-540-75248-6_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-75247-9
Online ISBN: 978-3-540-75248-6
eBook Packages: Computer ScienceComputer Science (R0)