Provably privacy analysis and improvements of the lightweight RFID authentication protocols

Abstract

Radio Frequency Identification (RFID) systems authenticate products as well as people without any physical contact. Using RFID systems is an inevitable part of recent identifying and shopping affairs. However, RFID systems have huge hardware limitations in tags side because of their need to be as cheap as possible and in access for vast number of products. Moreover, The identity of the tag owners has to be anonymous and secure from the attackers actions. These critical necessities have made researchers to concentrate on designing lightweight secure authentication protocols. In this paper, four new designed lightweight RFID authentication protocols are analyzed. Security and privacy of each protocol is analyzed, and the weaknesses are proved, discussed and modified. We demonstrate that none of them provide even weak privacy level. Each protocol is improved through a solution to overcome the weaknesses and provide at least the weak privacy. All of the privacy and security analysis are done in the Vaudenay model. Also, we propose a new lightweight protocol which uses the pros of the considered protocols and provides weak privacy level. Moreover, some comprehensive methods are proposed to provide weak privacy in the lightweight authentication protocols.