Abstract
Radio frequency identification (RFID) technology has been widely used in ubiquitous infrastructures. However, resource constraint in the low-cost RFID systems has posed potential risks such as privacy and security problems, becoming adoption barrier for RFID-based applications. In this paper, current security issues in RFID are introduced firstly. Then, we propose a lightweight Anti-desynchronization privacy preserving RFID authentication protocol. It is particularly suitable for the low-cost RFID environment for only the capacity of one-way hash function and XOR operation is needed. In this lightweight Anti-desynchronization RFID authentication protocol, the back-end server keeps the history of the random key update to prevent the active attackers from de-synchronizing the shared secret between the tag and the back-end server. The security and the performance of the proposed protocol are analyzed as well.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Bringer, J., Chabanne, H., & Dottax, E. (2006). HB++: a lightweight authentication protocol secure against some attacks. IEEE International Conference on Pervasive Services, Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing—SecPerU.
Choi, E. Y., Lee S. M., & Lee, D. H. (2005). Efficient RFID authentication protocol for ubiquitous computing environment. SecUbiq 2005, LNCS 3823, 945-954.
Chien, H. Y. (2007). SASI: a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transactions on Dependable and Secure Computing, 4(4), 337–340.
Chien, H., & Chen, C. (2007). Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Computer Standards &Interfaces, 29(2), 254–259.
Defend. B., Fu, K., & Juels, A. (2007). Cryptanalysis of two lightweight RFID authentication schemes. Pervasive Computing and Communications Workshops.
Dimitriou, T. (2005). A lightweight RFID protocol to protect against traceability and cloning attacks. Securecomm.
Duc, D. N., Park, J., Lee, H. & Kim, K. (2006). Enhancingsecurity of EPCglobal gen-2 RFID tag against traceability and cloning. In Symposium on Cryptography and Information Security—SCIS 2006. Hiroshima, Japan, January 2006.
Hancke, G., Kuhn, M. (2005). An RFID distance bounding protocol. Proceeding of the IEEE, Athens, Greece, 2005.
Henrici, D., Muller, P. (2004). Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers. The 2nd IEEE Annual Conference on Pervasive Computing and Communication Workshops, Washington, DC, USA.
Hopper, N. J., & Blum, M. (2001). Secure human identification protocols. Advances in cryptology—ASIACRYPT 2001, Volume 2248, Lecture Notes in Computer Science (pp. 52–66). Springer-Verlag.
Juels, A., & Weis, S. (2005). Authenticating pervasive devices with human protocols. Advanced in cryptology—CRYPTO’05, Volume 3126, Lecture Notes in Computer Science (pp. 293–308). Springer-Verlag.
Konidala, D. M., Kim, Z., & Kim, K. (2007). A simple and cost-effective RFID tag-reader mutual authentication scheme. International Conference on RFID Security 2007 (pp. 141–152). Malaga, Spain.
Kwon, D., Han, D., Lee, J., & Yeom, Y. (2006). Vulnerability of an RFID authentication protocol proposed in at SecUbiq 2005. Emerging Directions in Embedded and Ubiquitous Computing, 4097/2006, 262–270.
Lee, S. M., Hwang, Y. J., Lee, D. H., & Lim, J. I. (2005). Efficient authenticaiton for low-cost RFID systems. International Conference on Computational Science and Its Applications (ICCSA).
Li, T., & Deng, R. H. (2007). Vulnerability analysis of EMAP—an efficient RFID mutual authentication protocol. The Second International Conference on Availability, Reliability and Security (AReS 2007).
Li, T., & Wang, G. (2007). Security analysis of two ultra-lightweight RFID authentication protocols. IFIP SEC 2007, South Africa.
Piramuthu, S. (2007). HB and related lightweight authentication protocols for secure RFID tag/reader authentication. Decision and Information Sciences University of Florida (pp. 32611–7169). Gainesville, Florida.
Peris-Lopez,P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., & Ribagorda, A. (2006a). LMAP: A real lightwight mutual authentication protocol for low-cost RFID tags. Proceedings of RFIDSec06 Workshop on RFID Security, Austria.
Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., & Ribagorda, A. (2006b). EMAP: An efficient mutual authentication protocol for low-cost RFID tags. OTM Federated Conferences and Workshop: IS Workshop.
Peris-Lopez, P., Hernandez-Castro, J. C., Estevez-Tapiador, J. M., & Ribagorda, A. (2006c). Authentication protocol for low-cost RFID. International Conference on Ubiquitous Intelligence and Computing UIC’06, LNCS 4159 (pp. 912–923). Springer.
Peris-Lopez, P., Li, T., Lim, T. L. et al. (2008). Vulnerability analysis of a mutual authentication scheme under the EPC class-1 generation-2 standard. RFIDsec’08, Budapest, Hungary.
Song, B., & Mitchell, C. J. (2008). RFID authentication protocol for low-cost tags. First ACM Conference on Wireless Network Security (pp. 140–147).
Vajda, I., & Buttyan, L. (2003). Lightweight authentication protocols for low-cost RFID tags. In Second workshop on security in ubiquitous computing—Ubicomp.
Weis, S., Sarma, S., Rivest, R., & Engels, D. (2003). Security and privacy aspects of low-cost radio frequency identification systems. 1st International Conference on Security in Pervasive Computing.
Yksel, K., Kaps, J. P., & Sunar, B. (2004). Universal hash functions for emerging ultralow-power networks. CNDS’04.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Zhou, S., Zhang, Z., Luo, Z. et al. A lightweight anti-desynchronization RFID authentication protocol. Inf Syst Front 12, 521–528 (2010). https://doi.org/10.1007/s10796-009-9216-6
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10796-009-9216-6