Lightweight and Practical Anonymous Authentication Protocol for RFID Systems Using Physically Unclonable Functions

Prosanta Gope, Jemin Lee, Tony Q.S. Quek

Research output: Contribution to journalArticlepeer-review

113 Citations (Scopus)


Radio frequency identification (RFID) has been considered one of the imperative requirements for implementation of Internet-of-Things applications. It helps to solve the identification issues of the things in a cost-effective manner, but RFID systems often suffer from various security and privacy issues. To solve those issues for RFID systems, many schemes have been recently proposed by using the cryptographic primitive, called physically uncloneable functions (PUFs), which can ensure a tamper-evident feature. However, to the best of our knowledge, none of them has succeeded to address the problem of privacy preservation with the resistance of DoS attacks in a practical way. For instance, existing schemes need to rely on exhaustive search operations to identify a tag, and also suffer from several security and privacy related issues. Furthermore, a tag needs to store some security credentials (e.g., secret shared keys), which may cause several issues such as loss of forward and backward secrecy and large storage costs. Therefore, in this paper, we first propose a lightweight privacy-preserving authentication protocol for the RFID system by considering the ideal PUF environment. Subsequently, we introduce an enhanced protocol which can support the noisy PUF environment. It is argued that both of our protocols can overcome the limitations of existing schemes, and further ensure more security properties. By analyzing the performance, we have shown that the proposed solutions are secure, efficient, practical, and effective for the resource-constraint RFID tag.

Original languageEnglish
Pages (from-to)2831-2843
Number of pages13
JournalIEEE Transactions on Information Forensics and Security
Issue number11
Publication statusPublished - 2018 Nov

All Science Journal Classification (ASJC) codes

  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


Dive into the research topics of 'Lightweight and Practical Anonymous Authentication Protocol for RFID Systems Using Physically Unclonable Functions'. Together they form a unique fingerprint.

Cite this