Abstract
Low-cost tags are widely used, but have very limited storage space and computing power. In this paper, we propose an efficent lightweight radio-frequency identification (RFID) authentication protocol with strong trajectory privacy protection to balance the security and availability of RFID systems. In this protocol, tags only adopt pseudo-random number generator and XOR operation. In the authentication process, tags always use pseudonyms to prevent the exposure of sensitive messages, the pseudonyms and secret numbers of the tags are synchronized with the background server all the time. The analysis shows that the protocol can solve security issues such as desynchronization attack, man in the middle attack, forward security, replay attack, clone and so on effectively, and meet the requirements of low-cost tags. The trajectory privacy model of RFID systems is also used to prove the strong trajectory privacy and security of the protocol. This protocol has a better performance in terms of storage cost, computation cost and communication cost, and the search efficiency of the background server comparing to the existing relevant research results.
Similar content being viewed by others
References
Hongsongkiat, T., & Chongstitvatana, P. (2014). AES implementation for RFID tags: The hardware and software approaches. In International Computer Science and Engineering Conference (pp. 118–123).
Habibi, M. H., Alagheband, M. R., & Aref, M. R.(2011). Attacks on a lightweight mutual authentication protocol under EPC C-1 G-2 standard. IFIP WG 11.2 International conference on information security theory and practice: Security and privacy of mobile devices in wireless communication (Vol. 6633, pp. 254–263). Springer.
Chang-She, M. A. (2011). Low cost RFID authentication protocol with forward privacy. Chinese Journal of Computers, 34(8), 1387–1398.
Xiao, F., Zhou, Y. J., Zhou, Y. X., et al. (2013). Provable secure mutual authentication protocol for RFID in the standard model. Journal on Communication, 34(4), 82–98.
Feng, X., Zhou, Y. J., Zhou, J. X., & Niu, X. X. (2013). Provable secure mutual authentication protocol for RFID in the standard model. Journal on Communications, 34(4), 82–87.
Phan, C. W. (2010). Cryptanalysis of a new ultralightweight RFID authentication protocolsasi. IEEE Transactions on Dependable and Secure Computing, 6(4), 316–320.
Chen, M., Luo, W., Mo, Z., & Chen, S. (2016). An efficient tag search protocol in large-scale RFID systems with noisy channel. IEEE/ACM Transactions on Networking, 24(2), 703–716.
D’Arco, P., & De Santis, A. (2011). On ultralightweight RFID authentication protocols. IEEE Transactions on Dependable and Secure Computing, 8(4), 548–563.
Tian, Y., Chen, G., & Li, J. (2012). A new ultralightweight RFID authentication protocol with permutation. IEEE Communications Letters, 16(5), 702–705.
Avoine, G., & Carpent, X. (2011). Yet another ultralightweight authentication protocol that is broken. In International conference on radio frequency identification: Security and privacy issues (Vol. 2011, pp. 20–30). Springer.
Luo, H., Wen, G., Su, J., & Huang, Z. (2016). Slap: Succinct and lightweight authentication protocol for low-cost RFID system. Wireless Networks. doi:10.1007/s11276-016-1323-y.
Alakrut, R. H. E., Samsudin, A., & Syafalni, A. (2013). Provably lightweight RFID mutual authentication protocol. International Journal of Security and Its Applications, 7(4), 71–90.
Hermans, J., Peeters, R., & Preneel, B. (2014). Proper RFID privacy: Model and protocols. IEEE Transactions on Mobile Computing, 13(12), 2888–2902.
Haitner, I., Reingold, O., & Vadhan, S. (2010). Efficiency improvements in constructing pseudorandom generators from one-way functions. In ACM symposium on theory of computing, STOC 2010, Cambridge, Massachusetts, USA, 5–8 June (Vol. 17, pp. 437–446). DBLP.
Ha, J. C., Ha, J. H., Moon, S. J., & Boyd, C.(2006). LRMAP: Lightweight and resynchronous mutual authentication protocol for RFID system. In International Conference on Ubiquitous Convergence Technology (Vol. 4412, pp. 80–89). Springer.
Alomair, B., Clark, A., Cuellar, J., & Poovendran, R. (2014). Scalable RFID systems: A privacy-preserving protocol with constant-time identification. IEEE Transactions on Parallel and Distributed Systems, 23(8), 1536–1550.
Liu, Z., Liu, D., Li, L., & Lin, H. (2015). Implementation of a new RFID authentication protocol for EPC Gen2 standard. IEEE Sensors Journal, 15(2), 1003–1011.
Zhang, W., Wu, L., Liu, S., Huang, T., Guo, Y., & Hsu, C. (2016). A trajectory privacy model for radio-frequency identification system. Wireless Personal Communications, 90(3), 1–14.
Shen, J., Tan, H., Moh, S., Chung, I., & Wang, J. (2016). An efficient RFID authentication protocol providing strong privacy and security. The Internet Journal of Technology, 17(3), 443–455.
Yeh, K. H., Lo, N. W., & Winata, E. (2010). An efficient ultralightweight authentication protocol for RFID systems. In Proceedings of RFIDsec Asia 2010. Cryptology and Information Security Series (Vol. 10, pp. 49–60).
Moradi, F., Mala, H., & Ladani, B. T. (2015). Security analysis and strengthening of an RFID lightweight authentication protocol suitable for vanets. Wireless Personal Communications, 83(4), 1–15.
Wang, S., Liu, S., & Chen, D. (2015). Security analysis and improvement on two RFID authentication protocols. Wireless Personal Communications an International Journal, 82(1), 21–33.
Abdolmaleki, B., Baghery, K., Akhbari, B., & Aref, M. R. (2014). Attacks and improvements on two new-found RFID authentication protocols. In International Symposium on Telecommunications (Vol. 4, pp. 895–900). IEEE.
Alavi, S. M., Baghery, K., Abdolmaleki, B., & Aref, M. R. (2015). Traceability analysis of recent RFID authentication protocols. Wireless Personal Communications, 83(3), 1663–1682.
Chen, X., Cao, T., & Zhai, J. (2016). Untraceability analysis of two RFID authentication protocols. Chinese Journal of Electronics, 25(5), 912–920.
Dawoud, M., & Altilar, D. T. (2016). Heada: A low cost RFID authentication technique using homomorphic encryption for key generation. Security and Communication Networks, 9(17), 4182–4191.
Rahman, F., Hoque, M. E., & Ahamed, S. I. (2016). Anonpri: A secure anonymous private authentication protocol for RFID systems. Information Sciences, 379, 195–210.
Gope, P., & Hwang, T. (2015). A realistic lightweight authentication protocol preserving strong anonymity for securing RFID system. Computers & Security, 55(C), 271–280.
Acknowledgements
We would like to thank the editor and anonymous reviewers for their valuable suggestions. This research was partially funded by the Project of the Program for National Key Technology Research and Development Program (2015BAH33F02).
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Zhang, W., Liu, S., Wang, S. et al. An Efficient Lightweight RFID Authentication Protocol with Strong Trajectory Privacy Protection. Wireless Pers Commun 96, 1215–1228 (2017). https://doi.org/10.1007/s11277-017-4232-1
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-017-4232-1