Skip to main content

Security Enhancements of a Mutual Authentication Protocol Used in a HF Full-Fledged RFID Tag


Radio Frequency IDentification (RFID) is used in many applications such as access control, transport, ticketing and contactless payment. The full-fledged High Frequency (HF) tags are the most popular RFID tags for these applications that require relatively high cost security operations. However, these HF tags are threatened by many passive attacks such as eavesdropping, desynchronization and ElectroMagnetic (EM) Side Channel Attacks (SCA). In this article, we propose the implementation and the validation of a full-fledged HF tag architecture using an enhanced mutual authentication protocol. This is achieved using a FPGA platform. Security analysis against Electromagnetic Attack (EMA) and desynchronization attacks on the original protocol are presented. Then enhancements at the protocol level are proposed to overcome these attacks. The implementation of these security enhancements shows a low overhead (+22 LUTs) compared to previous existing security hardware solutions (+598 LUTs).

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9


  1. 1.

    Brier E, Clavier C, Olivier F (2004) Correlation power analysis with a leakage model. In: Proceeding of Internetional Conference of Cryptographic Hardware and Embedded Systems, CHES04, Lecture Notes in Computer Science, vol. 3156, p. 135–152, Springer

    Google Scholar 

  2. 2.

    Chien H.-Y. (2006) Secure access control schemes for RFID systems with anonymity. Proc. 2006 Int’l workshop future mobile and ubiquitous information technologies (FMUIT ‘06)

  3. 3.

    Chien H-Y (2007) SASI: a new ultra lightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans Dependable Secure Comput 4(4):337–340

    Article  Google Scholar 

  4. 4.

    Chien H-Y, Chen C-H (2007) Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Computers Standards & Interfaces 29(2):254–259

    Article  Google Scholar 

  5. 5.

    Chou J-S, Chen Y, Wu C-L, Lin C-F (2011) An efficient RFID mutual authentication scheme based on ECC. IACR Cryptology ePrint Archive 2011:418

    Google Scholar 

  6. 6.

    Common criteria recognition arrangement for components up to EAL 4 (2011) Certification report BSI-DSZ-CC-0712-2011 for NXP Mifare DESFire EV1 MF3ICD81 from NXP semiconductors Germany GmbH. In: Federal office for information security

    Google Scholar 

  7. 7.

    Das R, Harrop P, RFID forecasts, players and opportunities 2009–2019, IdTechEx report, 2009

    Google Scholar 

  8. 8.

    Doiron TJ, Dreon ST Digital radio transceiver with encrypted key storage. United States Patent. Jan 2, 1996

  9. 9.

    Finkenzeller K (2010) RFID handbook fundamentals and applications in contactless smart cards, radio frequency identification and near-field communication, 2010 third edition

  10. 10.

    Fritzke AW, Second Lieutenant, USAF, B.S.E.E. Master Thesis: Obfuscating Against Side-Channel Power Analysis Using Hiding Techniques for AES. Air Force Institute of Technology USA. Graduate School of Engineering and Management (AFIT/EN) son Way WPAFB OH 45433–7765. 22/03/2012

  11. 11.

    Garcia FD, de Koning Gans G, Muijrers R, van Rossum P, Verdult R, Schreur RW, Jacobs B. Dismantling MIFARE Classic. ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer security. Pages 97 – 114. Málaga, Spain — October 06–08, 2008

  12. 12.

    Garcia FD, de Koning Gans G, Verdult R (2012) Tutorial: proxmark, the swiss army knife for RFID security research. 8th workshop on RFID security and privacy (RFIDSec 2012)

  13. 13.

    Hutter M, Mangard S, Feldhofer M. Power and EM attacks on passive 13.56MHz RFID Devices. Cryptographic Hardware and Embedded Systems CHES 2007. 9th International Workshop, Vienna, Austria, September 10–13, 2007. Proceedings.

  14. 14.

    Hutter M, Schmidt J-M, Plos T (2008) RFID and its vulnerability to faults. Cryptographic Hardware and Embedded Systems. CHES

  15. 15.

    Hutter M, Schmidt J-M, Plos T (August 2009) Contact-based fault injections and power analysis on RFID tags. European Conference on Circuit Theory and Design:23–27

  16. 16.

    International Standard (1999) ISO/IEC 9798-2: information technology - security techniques - entity authentication. Part 2: mechanisms using symmetric encipherment algorithms. In: Second edition

    Google Scholar 

  17. 17.

    International standard ISO/IEC 14443. Identification cards, contactless integrated circuit(s) cards, Proximity cards, Part 2: Radio frequency power and signal interface, First edition, 2001-07-01. Part 3: Initialization and anti-collision, First edition, 2001-02-01. Part 4: Transmission protocol, 2007-06-13

  18. 18.

    Juvekar CS, Lee H-M, Kwong J, Chandrakasan AP. A Keccak-based wireless authentication tag with per-query key update and power-glitch attack countermeasures. 2016 I.E. International Solid-State Circuits Conference (ISSCC)

  19. 19.

    Kasper T, Oswald D, Paar C (2009) EM side-channel attacks on commercial contactless smart cards using low-cost equipment. In Youm, Heung Youl and Yung, editors. Information security applications: 10th international workshop, WISA 2009, Busan, Korea, August 25–27

  20. 20.

    Kasper T, von Maurich I, Oswald D, Paar C (2010) Cloning cryptographic RFID cards for 25$. Presented at the 5th Benelux Workshop on Information and System Security, WisSec 2010, November 29–30, 2010, Nijmegen, The Netherlands

  21. 21.

    Kasper T, Oswald D, Paar C (2011) Side-channel analysis of cryptographic RFIDs with analog demodulation. RFIDSec'11 Proceedings of the 7th international conference on RFID security and privacy. Pages 61-77. Amherst, MA-June 26–28

  22. 22.

    Lei H, Xin-mei L, Song-he J, Zeng-yu C (2010) A one-way Hash based low-cost authentication protocol with forward security in RFID system

  23. 23.

    Munilla J, Peinado A (2007) HB-MP: a further step in the HB-family of lightweight authentication protocols. Comput Netw 51:2262–2267.

    Article  MATH  Google Scholar 

  24. 24.

    Naija Y, Beroulle V, Hely D, Machhout M (2016) Implementation of a secured digital ultralight 14443-type A RFID tag with an FPGA platform. 2016 11th International Conference on Design & Technology of Integrated Systems in Nanoscale Era, Istanbul Turkey

  25. 25.

    Naija Y, Beroulle V, Machhout M (2017) Low cost countermeasure at authentication protocol level against electromagnetic side channel attacks on RFID tags. Int J Adv Comput Sci Appl (IJACSA) 8(11)

  26. 26.

    Nassar M, Souissi Y, Guilley S, Danger J-L (2012) RSM: a small and fast countermeasure for AES, secure against 1st and 2nd-order zero-offset SCAs. Design, Automation & Test in Europe Conference & Exhibition (DATE)

  27. 27.

    NXP Semiconductors. MIFARE classic 1K - mainstream contactless smart card IC for fast and easy solution development. Product data sheet. Rev 3.1. 21 February 2011

  28. 28.

    Ouafi K, Phan R C.-W. (2008) Traceable privacy of recent provably secure RFID protocols, in: The proceedings of ACNS 2008, LNCS, 5037, Springer-Verlag, pp. 479–489

  29. 29.

    Peris-Lopez P, Hernandez JC & Estevez-Tapiador JM & Ribagorda A (2006) EMAP: an efficient mutual authentication protocol for low-cost RFID tags”, In Proc. of IS’06, springer-Verlag, vol 4277 of LNCS, pp 352–361

  30. 30.

    Peris-Lopez P, Hernandez JC, Estevez-Tapiador JM, Arturo R (2009) Advances in ultra lightweight cryptography for low-cost RFID tags: Gossamer protocol. J Inf Sci Eng 25(1):33–57

    Google Scholar 

  31. 31.

    Pham TA, Hasan MS, Yu H (2012) A RFID mutual authentication protocol based on AES algorithm. UKACC international conference on control 2012. Cardiff, UK, 3–5 September 2012

  32. 32.

    Texas Instruments (December 2014) MIFARE DESFire EV1 AES authentication with TRF7970A. In: Appli-cation report SLOA213

    Google Scholar 

  33. 33.

    Toiruul B, Lee KO (2006) An advanced mutual-authentication algorithm using AES for RFID systems. IJCSNS Int J Comput Sci Netw Secur 9B:6

    Google Scholar 

  34. 34.

    Yang J, Park J, Lee H, Ren K, Kim K (2005) Mutual authentication protocol for low-cost RFID. Proc, Ecrypt Workshop RFID and Lightweight Crypto

    Google Scholar 

  35. 35.

    Zetter K (2006) Hackers clone E-passports:17.02.11 Available from:

  36. 36.

    Zhou YongBin, Feng DengGuo (2005) Side-channel attacks: ten years after its publication and the impacts on cryptographic module security testing. IACR Cryptology ePrint Archive, 2005-

Download references

Author information



Corresponding author

Correspondence to Yassine Naija.

Additional information

Responsible Editor: M. Barragan and K. Huang

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Naija, Y., Beroulle, V. & Machhout, M. Security Enhancements of a Mutual Authentication Protocol Used in a HF Full-Fledged RFID Tag. J Electron Test 34, 291–304 (2018).

Download citation


  • RFID
  • Mutual authentication protocol
  • ISO/IEC 14443 type A
  • EMA
  • Desynchronization
  • Security enhancements