Efficient and Low-Cost RFID Authentication Schemes

Security in passive resource-constrained Radio Frequency Identification (RFID) tags is of much interest nowadays. Resistance against illegal tracking, cloning, timing, and replay attacks are necessary for a secure RFID authentication scheme. Reader authentication is also necessary to thwart any illegal attempt to read the tags. With an objective to design a secure and low-cost RFID authentication protocol, Gene Tsudik proposed a timestamp-based protocol using symmetric keys, named YA-TRAP*. Although YA-TRAP* achieves its target security properties, it is susceptible to timing attacks, where the timestamp to be sent by the reader to the tag can be freely selected by an adversary. Moreover, in YA-TRAP*, reader authentication is not provided, and a tag can become inoperative after exceeding its pre-stored threshold timestamp value. In this paper, we propose two mutual RFID authentication protocols that aim to improve YA-TRAP* by preventing timing attack, and by providing reader authentication. Also, a tag is allowed to refresh its pre-stored threshold value in our protocols, so that it does not become inoperative after exceeding the threshold. Our protocols also achieve other security properties like forward security, resistance against cloning, replay, and tracking attacks. Moreover, the computation and communication costs are kept as low as possible for the tags. It is important to keep the communication cost as low as possible when many tags are authenticated in batch-mode. By introducing aggregate function for the reader-to-server communication, the communication cost is reduced. We also discuss different possible applications of our protocols. Our protocols thus capture more security properties and more efficiency than YA-TRAP*. Finally, we show that our protocols can be implemented using the current standard low-cost RFID infrastructures.Comment: 21 pages, Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications (JoWUA), Vol 2, No 3, pp. 4-25, 201

Tag-Reader Authentication Scheme for RFID Systems

Radio frequency Identification (RFID) system is latest a technology. It has been used in various applications in the world. Radio frequency identification (RFID) can be used in supply chain management, automated payment systems and other daily application as essential technology to enhance lives of human beings. RFID systems are vulnerable for many malicious attacks against privacy and security. To solve these problems, many authentication protocols based on cryptography scheme have been developed in order to ensure preservation of privacy. However, many of the these approaches cannot fully protect privacy in the presence of malicious readers or insider attacks. Our research work in thesis mainly focuses on designing secure RFID authentication schemes with untrace- ability. We observe a number of recent proposed RFID authentication scheme as well as related. Cryptography techniques, and then define the security and privacy requirement for our RFID systems. Our main contribution in this thesis consist proposed RFID authentication. Generally, the weakness of RFID technology is authentication systems between a reader and a tag become weak. In this thesis, we introduced RFID tag - reader authentication scheme for use under the electronic product code global frame work. Which is more efficient for possible privacy and security threats in RFID system. This scheme is based on 16-bit random number. Random number is generated by 16-bit linear feedback shift register (LFSR). 16-bit Linear feedback shift register (LFSR) is based on polynomial feed- back X16+X14+X13+X11+1. We further analysed the RFID system’s security strength against various attacking scenarios, such that man in middle attack, eavesdropping, replay attack and mutual authenticatio

Cryptanalysis of two mutual authentication protocols for low-cost RFID

Radio Frequency Identification (RFID) is appearing as a favorite technology for automated identification, which can be widely applied to many applications such as e-passport, supply chain management and ticketing. However, researchers have found many security and privacy problems along RFID technology. In recent years, many researchers are interested in RFID authentication protocols and their security flaws. In this paper, we analyze two of the newest RFID authentication protocols which proposed by Fu et al. and Li et al. from several security viewpoints. We present different attacks such as desynchronization attack and privacy analysis over these protocols.Comment: 17 pages, 2 figures, 1 table, International Journal of Distributed and Parallel system

A Survey of RFID Authentication Protocols Based on Hash-Chain Method

Security and privacy are the inherent problems in RFID communications. There are several protocols have been proposed to overcome those problems. Hash chain is commonly employed by the protocols to improve security and privacy for RFID authentication. Although the protocols able to provide specific solution for RFID security and privacy problems, they fail to provide integrated solution. This article is a survey to closely observe those protocols in terms of its focus and limitations.Comment: Third ICCIT 2008 International Conference on Convergence and Hybrid Information Technolog