Wireless Personal Communications

, Volume 61, Issue 1, pp 69–81

Privacy Analysis of Forward and Backward Untraceable RFID Authentication Schemes

  • Raphael C.-W. Phan
  • Jiang Wu
  • Khaled Ouafi
  • Douglas R. Stinson

DOI: 10.1007/s11277-010-0001-0

Cite this article as:
Phan, R.CW., Wu, J., Ouafi, K. et al. Wireless Pers Commun (2011) 61: 69. doi:10.1007/s11277-010-0001-0


In this paper, we analyze the first known provably secure Radio Frequency Identification (RFID) authentication schemes that are designed to provide forward untraceability and backward untraceability: the L-K and S-M schemes. We show how to trace tags in the L-K scheme without needing to corrupt tags. We also show that if a standard cryptographic pseudorandom bit generator (PRBG) is used in the S-M scheme, then the scheme may fail to provide forward untraceability and backward untraceability. To achieve the desired untraceability features, we show that the S-M scheme can use a robust PRBG which provides forward security and backward security. We also note that the backward security is stronger than necessary for the backward untraceability of the S-M scheme.


Security and privacy in mobile systemsWirelessRadio frequency identificationTraceabilityProvable securityAnalysis

Copyright information

© Springer Science+Business Media, LLC. 2010

Authors and Affiliations

  • Raphael C.-W. Phan
    • 1
  • Jiang Wu
    • 2
  • Khaled Ouafi
    • 3
  • Douglas R. Stinson
    • 4
  1. 1.Department of Electronic and Electrical EngineeringLoughborough UniversityLeicestershireUK
  2. 2.The Institute of Electronics, Communications and Information TechnologyQueen’s University BelfastBelfastUK
  3. 3.Security and Cryptography Lab (LASEC)EPFL UniversityLausanneSwitzerland
  4. 4.David R. Cheriton School of Computer ScienceUniversity of WaterlooWaterlooCanada