TY - JOUR
T1 - A realistic lightweight authentication protocol preserving strong anonymity for securing RFID system
AU - Gope, Prosanta
AU - Hwang, Tzonelih
N1 - Funding Information:
This work is financially supported by the Ministry of Science and Technology , under Contract No. MOST 103-2221-E-006-177 -. The authors would like to thank the Ministry of Science and Technology, Taiwan for their benign supports. The authors also would like to thank all the anonymous referees for their valuable suggestions.
PY - 2015/2/24
Y1 - 2015/2/24
N2 - Radio Frequency Identification (RFID) system is a contactless automatic identification system using small, low-cost RFID tag to an animate or inanimate object. Because of the advantage of simultaneous recognition of massive amounts of information, it is expected to replace the traditional bar-code system. However, two major issues with an RFID system are: i) an adversary can access the tag information, which may cause privacy and forgery problems; ii) the computational capability of the RFID tags is very limited. Although, to deal with these issues, impressive efforts have been made by designing anonymous authentication schemes with the help of lightweight cryptographic primitives such as one way hash function, symmetric key encryption/decryption, exclusive-OR. However, to the best of our knowledge none has succeeded so far. In this article, we take an initial step to shed light on the rationale underlying this prominent issue. In order to do that, we will first demonstrate that the existing lightweight cryptographic primitive based anonymous authentication protocols in RFID systems are impractical. Subsequently, we propose a realistic lightweight authentication protocol for RFID system, which can ensure various imperative security properties such as anonymity of the RFID tag, untraceability, forward security etc.
AB - Radio Frequency Identification (RFID) system is a contactless automatic identification system using small, low-cost RFID tag to an animate or inanimate object. Because of the advantage of simultaneous recognition of massive amounts of information, it is expected to replace the traditional bar-code system. However, two major issues with an RFID system are: i) an adversary can access the tag information, which may cause privacy and forgery problems; ii) the computational capability of the RFID tags is very limited. Although, to deal with these issues, impressive efforts have been made by designing anonymous authentication schemes with the help of lightweight cryptographic primitives such as one way hash function, symmetric key encryption/decryption, exclusive-OR. However, to the best of our knowledge none has succeeded so far. In this article, we take an initial step to shed light on the rationale underlying this prominent issue. In order to do that, we will first demonstrate that the existing lightweight cryptographic primitive based anonymous authentication protocols in RFID systems are impractical. Subsequently, we propose a realistic lightweight authentication protocol for RFID system, which can ensure various imperative security properties such as anonymity of the RFID tag, untraceability, forward security etc.
UR - http://www.scopus.com/inward/record.url?scp=84947040044&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84947040044&partnerID=8YFLogxK
U2 - 10.1016/j.cose.2015.05.004
DO - 10.1016/j.cose.2015.05.004
M3 - Article
AN - SCOPUS:84947040044
SN - 0167-4048
VL - 55
SP - 271
EP - 280
JO - Computers and Security
JF - Computers and Security
ER -