Authentication Protocol of RFID System Based on Security Policy

Abstract

In this paper, we analyzed security and privacy problems of the current low-cost RFID system, and proposed a new RFID authentication protocol based on security policy. This protocol used these methods like setting tag information permissions according to fields and assigning tags with different privacy levels to prevent the authorized tag`s unauthorized information leakage and protected the user's privacy more effectively. Selective one-way/two-way authentication and interested in information transfer mechanism, which can reduce the communication capacity in the whole process of protocol significantly, enable the certification process more flexible, more specific privacy protection, At the same time, tag can reduce the tag hardware requirements by using XOR operation measures which. The security and energy consumption analysis in this paper proved that this protocol can not only protect the authorized tag`s unauthorized information security more flexible, but also reduce the system hardware requirements and communication volume. Compared with the traditional security authentication protocols, this new protocol is more suitable for low-cost RFID system.