An efficient and secure authentication protocol for RFID systems

Abstract

The use of RFID tags may cause privacy violation of users carrying an RFID tag. Due to the unique identification number of the RFID tag, the possible privacy threats are information leakage of a tag, traceability of the consumer, denial of service attack, replay attack and impersonation of a tag. There are some challenges in providing privacy and security in the RFID tag due to the extremely limited computation, storage and communication ability of passive RFID tags. Many research works have already been conducted using hash functions and random numbers. As the same random number can recur many times the adversary can use the response derived from the same random number for replay attack and it can cause a break in location privacy. This paper proposes an RFID authentication protocol using a static identifier, a monotonically increasing timestamp, a tag side random number and a hash function to protect the RFID system from adversary attacks. The proposed protocol also indicates that it requires less storage and computation than previous existing RFID authentication protocols but offers a larger range of security protection. A simulation experiment is also conducted to verify some of the privacy and security properties of the proposed protocol.