Abstract
The wide deployment of RFID systems has raised many concerns about the security and privacy. Many RFID authentication protocols are proposed for these low-cost RFID tags. However, most of existing RFID authentication protocols suffer from some feasible problems. In this paper, we first discuss the feasible problems that exist in some RFID authentication protocols. Then we propose a lightweight RFID mutual authentication protocol against these feasible problems. To the best of our knowledge, it is the first scalable RFID authentication protocol that based on the SQUASH scheme. The new protocol is lightweight and can provide the forward security. In every authentication session, the tag produces the random number and the response is fresh. It also prevents the asynchronization between the reader and the tag. Additionally, the new protocol is secure against such attacks as replay attack, denial of service attack, man-in-the-middle attack and so on. We also show that it requires less cost of computation and storage than other similar protocols.
Chapter PDF
Similar content being viewed by others
References
Juels, A.: RFID security and privacy: A research survey. IEEE Journal on Selected Areas in Communications 24(2), 381–394 (2006)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: M2AP: A Minimalist Mutual-authentication Protocol for Low-cost RFID Tags. In: Ma, J., Jin, H., Yang, L.T., Tsai, J.J.-P. (eds.) UIC 2006. LNCS, vol. 4159, pp. 912–923. Springer, Heidelberg (2006)
Lehtonen, M., Staake, T., Michahelles, F.: From identification to authentication-a review of RFID product authentication techniques. In: Networked RFID Systems and Lightweight Cryptography, pp. 169–187 (2008)
Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic Approaches for Improving Security and Privacy Issues of RFID Systems. Wiley Online Library (2010)
Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic approach to ”privacy-friendly” tags. In: RFID Privacy Workshop. MIT, MA (2003)
Molnar, D., Wagner, D.: Privacy and security in library RFID: Issues, practices, and architectures. In: Pfitzmann, B., Liu, P. (eds.) Conference on Computer and Communications Security – ACM CCS, pp. 210–219. ACM Press, Washington, DC (2004)
Dimitriou, T.: A lightweight RFID protocol to protect against traceability and cloning attacks. In: First International Conference on Security and Privacy for Emerging Areas in Communications Networks, pp. 59–66 (2005)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: LMAP: A real lightweight mutual authentication protocol for low-cost RFID tags. In: Proceedings of 2nd Workshop on RFID Security (2006)
Li, T., Wang, G.: Security analysis of two ultra-lightweight RFID authentication protocols. In: New Approaches for Security, Privacy and Trust in Complex Environments, pp. 109–120 (2007)
Chien, H.-Y., Chen, C.-H.: Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards. Computer Standards & Interfaces 29(2), 254–259 (2007)
Berbain, C., Billet, O., Etrog, J., Gilbert, H.: An efficient forward private RFID protocol. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 43–53. ACM Press (2009)
Ma, C., Li, Y., Deng, R.H., Li, T.: RFID privacy: relation between two notions, minimal condition, and efficient construction. In: Proceedings of the 16th ACM Conference on Computer and Communications Security. ACM Press, New York (2009)
Juels, A.: Minimalist Cryptography for Low-Cost RFID Tags. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 149–164. Springer, Heidelberg (2005)
Shamir, A.: SQUASH – A New MAC with Provable Security Properties for Highly Constrained Devices such as RFID Tags. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 144–157. Springer, Heidelberg (2008)
Duc, D.N., Park, J., Lee, H., Kim, K.: Enhancing security of EPCglobal Gen-2 RFID tag against traceability and cloning. In: Symposium on Cryptography and Information Security, Hiroshima, Japan (2006)
Langheinrich, M.: A survey of RFID privacy approaches. Personal and Ubiquitous Computing 13(6), 413–421 (2009)
Koshy, P., Valentin, J., Zhang, X.: Implementation and performance testing of the SQUASH RFID authentication protocol. In: Applications and Technology Conference (LISAT), 2010 Long Island Systems. IEEE Press, New York (2010)
Gosset, F., Standaert, F.X., Quisquater, J.J.: FPGA implementation of SQUASH. In: Proceedings of the 29th Symposium on Information Theory in the Benelux (2008)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jin, Y., Sun, H., Xin, W., Luo, S., Chen, Z. (2011). Lightweight RFID Mutual Authentication Protocol against Feasible Problems. In: Qing, S., Susilo, W., Wang, G., Liu, D. (eds) Information and Communications Security. ICICS 2011. Lecture Notes in Computer Science, vol 7043. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-25243-3_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-25243-3_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-25242-6
Online ISBN: 978-3-642-25243-3
eBook Packages: Computer ScienceComputer Science (R0)