Skip to main content
Springer Nature Link
Log in

A Low-Cost RFID Authentication Protocol Against Desynchronization with a Random Tuple

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Radio frequency identification (RFID) technology will become one of the most popular technologies to identify objects in the near future. However, the major barrier that the RFID system is facing presently is the security and privacy issue. Recently, a lightweight anti-desynchronization RFID authentication protocol has been proposed to provide security and prevent all possible malicious attacks. However, it is discovered that a type of desynchronization attacks can successfully break the proposed scheme. To overcome the vulnerability under the desynchronization attacks, we propose a low-cost RFID authentication protocol which integrates the operation of the XOR, build-in CRC-16 function, permutation, a random tuple and secret key backup technology to improve the security functionality without increasing any cost than the utralightweight protocols. The analysis shows that our proposal has a strong ability to prevent existing malicious attacks, especially the desynchronization attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

Similar content being viewed by others

References

  1. Juels, A. (2006). RFID security and privacy: A research survey. IEEE Journal on Selected Areas in Communications, 24(2), 381–394.

    Article  MathSciNet  Google Scholar 

  2. Sun, H. M., & Ting, W. C. (2009). A Gen2-based RFID authentication protocol for security and privacy. IEEE Transactions on Mobile Computing, 8(8), 1052–1062.

    Article  Google Scholar 

  3. Sarma, S. E., Weis, S. A., & Engels, D. W. (2003). Radio-frequency identification: Secure risks and challenges. RSA Laboratories Cryptobytes, 6(1), 2–9.

    Google Scholar 

  4. Weis, S. A. (2003). Security and privacy in radio-frequency identification devices. Massachusetts Institute of Technology.

  5. Juels, A., Rivest, R. L., & Szydlo, M. (2003). The Blocker Tag: Selective blocking of RFID tags for consumer privacy. In Proceedings of the l0th ACM conference of computer and communications security (pp. l03–111).

  6. Chien, H. Y. (2007). SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transaction of Dependable and Secure Computing, 3(4), 337–340.

    Article  MathSciNet  Google Scholar 

  7. Sarma, S. E., Weis, S. A., & Engels, D. W. (2003). RFID systems and security and privacy implications. In Proceedings of the 4th international workshop on cryptographic hardware and embedded systems (pp. 454–469).

  8. Henrici, D., & Muller, P. (2004). Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers. In Proceedings of 2nd IEEE annual conference on pervasive computing and communications workshops (pp. 149–153).

  9. Gao, L., Ma, M., Shu, Y., & Wei, Y. (2013). A security protocol resistant to intermittent position trace attacks and synchronization attacks in RFID systems. Wireless Personal Communications, 68(4), 1943–1959.

    Article  Google Scholar 

  10. Zhou, S., Zhang, Z., & Luo, Z. (2010). A lightweight anti-desynchronization RFID authentication protocol. Information Systems Frontiers, 12(5), 521–528.

    Article  Google Scholar 

  11. Blurn, A., Furst, M., & Keams, M. (1993). Cryptographie primitives based on hard leaming problems. Advances in Cryptology-CRYPTO, 773(1993), 1–10.

  12. Juels, A., & Weis, S. A. (2005). Authenticating pervasive devices with human protocols. Advances in Cryptology-CRYPTO, 3621(2005), 293–308.

  13. Bringer, J., Chabanne, H., & Dottax, E. (2006). HB++: A lightweight authentication protocol secure against some attacks. In Proceedings of IEEE international conference on pervasive services workshop on security (pp. 28–33).

  14. Piramuthu, S. (2007). HB and related lightweight authentication protocols for secure RFID tag/reader authentication. In Proceedings of the CollECTeR (Europe) conference (pp. 1–8).

  15. Duc, D. N., Park, J., Lee, H., & Kim, K. (2006). Enhancing security of EPCglobal Gen-2 RFID tag against traceability and cloning. White Paper, pp. 1–11.

  16. Doss, R., Saravanan, S., & Zhou, W. L. (2012). A practical quadratic residues based scheme for authentication and privacy in mobile RFID systems. Ad Hoc Networks, 11(1), 383–396.

    Article  Google Scholar 

  17. Doss, R., Zhou, W. L., Saravanan, S., Yu, S., & Gao, L. X. (2012). A minimum disclosure approach to authentication and privacy in RFID systems. Computer Networks, 56(15), 3401–3416.

    Article  Google Scholar 

  18. Lopez, P. P., & Castro, J. H. (2006). \(\text{ M }^{2}\text{ AP }\): A minimalist mutual-authentication protocol for low-cost RFID tags. In Proceedings of the international conference on ubiquitous intelligence and computing (pp. 912–923).

  19. Bárász, M., Boros, B., & Lója, P. L. K. (2007). Passive attack against the \(\text{ M }^{2}\text{ AP }\) mutual authentication protocol for RFID tags. In Proceedings of the first international workshop on RFID technology (pp. 1–4).

  20. Sun, H. M., Ting, W. C., & Wang, K. H. (2011). On the security of Chien’s ultralightweight RFID authentication protocol. IEEE Transaction Dependable and Secure Computing, 8(2), 315–317.

    Article  Google Scholar 

  21. Peris-Lopez, P., Hernandez-Castro, J. C., & Tapiador, J. M. E. (2009). Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. In Proceedings of the 9th international workshop on information security applications (pp. 56–68).

  22. Ahmed, E. G., Shaaban, E., & Hashem, M. (2010). Lightweight mutual authentication protocol for low cost RFID tags. Journal of Network and Computer Applications, 2(2), 27–37.

    Google Scholar 

  23. Tian, Y., Chen, G. L., & Li, J. H. (2012). A new ultralightweight RFID authentication protocol with permutation. IEEE Communications Letters, 16(5), 702–705.

    Article  Google Scholar 

  24. Gao, L., Ma, M., Shu, Y., & Wei, Y. (2014). An ultralightweight RFID authentication protocol with CRC and permutation. Journal of Network and Computer Applications, 41(5), 37–46.

    Article  Google Scholar 

  25. Paolo, D., & Santis, A. D. (2011). On ultralightweight RFID authentication protocols. IEEE Transactions on Dependable and Secure Computing, 8(4), 548–563.

    Article  Google Scholar 

  26. Avoine, G., Carpent, X., & Martin, B. (2012). Privacy-friendly synchronized ultralightweight authentication protocols in the storm. Journal of Network and Computer Applications, 35(2), 826–843.

    Article  Google Scholar 

Download references

Acknowledgments

This work was partially supported by the National Natural Science Foundation of China (NSFC) under Grant No. 61202379 and Natural Science Foundation of Liaoning Province under Grant No. 2013024020.

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, Tianjin University, Tianjin, China

    Lijun Gao, Yantai Shu & Lei Zhang

  2. Department of Computer Science and Technology, Shenyang Aerospace University, Shenyang, China

    Lijun Gao, Feng Lin & Yuhua Wei

  3. School of Electrical and Electronic Engineering, Nanyang Technological University, Nanyang Avenue, Singapore

    Maode Ma

Authors
  1. Lijun Gao
    View author publications

    You can also search for this author inPubMed Google Scholar

  2. Maode Ma
    View author publications

    You can also search for this author inPubMed Google Scholar

  3. Yantai Shu
    View author publications

    You can also search for this author inPubMed Google Scholar

  4. Feng Lin
    View author publications

    You can also search for this author inPubMed Google Scholar

  5. Lei Zhang
    View author publications

    You can also search for this author inPubMed Google Scholar

  6. Yuhua Wei
    View author publications

    You can also search for this author inPubMed Google Scholar

Corresponding author

Correspondence to Maode Ma.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Gao, L., Ma, M., Shu, Y. et al. A Low-Cost RFID Authentication Protocol Against Desynchronization with a Random Tuple. Wireless Pers Commun 79, 1941–1958 (2014). https://doi.org/10.1007/s11277-014-1966-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-014-1966-x

Keywords