A secure search protocol for lightweight and low-cost RFID systems


In radio frequency identification (RFID) systems, search protocols are used to find a specific item in a large number of tagged products. These protocols should be secure against RFID attacks such as traceability, impersonation, DoS and eavesdropping. Sundaresan et al. (IEEE Trans Dependable Secure Comput, 2015) presented a server-less search protocol based on 128-bits PRNG function and claimed that their method can address all vulnerabilities of previous protocols. In this paper, we prove that Sundaresan et al.’s protocol is vulnerable to traceability attack with the high probability. In addition, we present an improved protocol to solve the proposed problem and analyze its security level informally and formally based on AVISPA tool and BAN logic.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7


  1. 1.

    Alcaide, A., Palomar, E., Fuentes, J., & Gonzalez-Manzano, L. (2015). Privacy 8211; aware average speed monitoring system for vehicular ad-hoc networks. IET Intelligent Transport Systems, 9(3), 293–305. doi:10.1049/iet-its.2013.0202.

    Article  Google Scholar 

  2. 2.

    Anantha Narayanan, V., Suresh Kumar, V., & Rajeswari, A. (2014). Enhanced fast iterative localized re-authentication protocol for UMTS-WLAN interworking. In Electronics and communication systems (ICECS), 2014 international conference on (pp. 1–5). doi:10.1109/ECS.2014.6892696.

  3. 3.

    Ben Ameur, S., Zarai, F., Smaoui, S., Obaidat, M., & Hsiao, K. (2014). A lightweight mutual authentication mechanism for improving fast PMIPV6-based network mobility scheme. In Network infrastructure and digital content (IC-NIDC), 2014 4th IEEE international conference on (pp. 61–68). doi:10.1109/ICNIDC.2014.7000266.

  4. 4.

    Cao, T., Bertino, E., & Lei, H. (2009). Security analysis of the SASI protocol. IEEE Transactions on Dependable and Secure Computing, 6(1), 73–77. doi:10.1109/TDSC.2008.32.

    Article  Google Scholar 

  5. 5.

    Chang, S., Lu, L., Liu, X., Song, H., & Yao, Q. (2015). Vulnerability aware graphs for RFID protocol security benchmarking. Journal of Computer and System Sciences, 81(6), 1027–1041.

    Article  Google Scholar 

  6. 6.

    Chen, M., Luo, W., Mo, Z., Chen, S., & Fang, Y. (2016). An efficient tag search protocol in large-scale RFID systems with noisy channel. IEEE/ACM Transactions on Networking (TON), 24(2), 703–716.

    Article  Google Scholar 

  7. 7.

    Chengzhe, L., Hui, L., Yueyu, Z., & Jin, C. (2013). Simple and low-cost re-authentication protocol for HeNB. China Communications, 10(1), 105–115. doi:10.1109/CC.2013.6457534.

    Article  Google Scholar 

  8. 8.

    Chien, H. Y. (2007). SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transactions on Dependable and Secure Computing, 4(4), 337–340. doi:10.1109/TDSC.2007.70226.

    Article  Google Scholar 

  9. 9.

    Choi, S., Yang, B., Cheung, H., & Yang, Y. (2015). RFID tag data processing in manufacturing for track-and-trace anti-counterfeiting. Computers in Industry, 68, 148–161.

    Article  Google Scholar 

  10. 10.

    Chun, J. Y., Hwang, J. Y., & Lee, D. H. (2011). RFID tag search protocol preserving privacy of mobile reader holders. IEICE Electronics Express, 8(2), 50–56. doi:10.1587/elex.8.50.

    Article  Google Scholar 

  11. 11.

    D’Arco, P., & De Santis, A. (2011). On ultralightweight RFID authentication protocols. IEEE Transactions on Dependable and Secure Computing, 8(4), 548–563. doi:10.1109/TDSC.2010.75.

  12. 12.

    Deng, M., Yang, W., & Zhu, W. (2014). Weakness in a serverless authentication protocol for radio frequency identification. In W. Wang (Ed.), Mechatronics and automatic control systems, lecture notes in electrical engineering (Vol. 237, pp. 1055–1061). Berlin: Springer.

  13. 13.

    El Bouabidi, I., Ben Ameur, S., Smaoui, S., Zarai, F., Obaidat, M., & Kamoun, L. (2014). Secure macro mobility protocol for new generation access network. In Wireless communications and mobile computing conference (IWCMC), 2014 international (pp. 518–523). doi:10.1109/IWCMC.2014.6906410.

  14. 14.

    Hamdane, B., El Fatmi, S., & Serhrouchni, A. (2014). A novel name-based security mechanism for information-centric networking. In Wireless communications and networking conference (WCNC), 2014 IEEE (pp. 2928–2933). doi:10.1109/WCNC.2014.6952919.

  15. 15.

    Hoque, M., Rahman, F., Ahamed, S., & Park, J. (2010). Enhancing privacy and security of RFID system with serverless authentication and search protocols in pervasive environments. Wireless Personal Communications, 55(1), 65–79. doi:10.1007/s11277-009-9786-0.

    Article  Google Scholar 

  16. 16.

    Hossain, M. S., & Ahamed, S. I. (2008). Towards a simple secured searching protocol for future RFID applications. In Future trends of distributed computing systems, 2008. FTDCS’08. 12th IEEE international workshop on (pp. 151–157). IEEE.

  17. 17.

    Jakkhupan, W., Arch-int, S., & Li, Y. (2015). Erratum to: An RFID-based traceability system. Telecommunication Systems, 58(3), 273–273. doi:10.1007/s11235-014-9947-7.

    Article  Google Scholar 

  18. 18.

    Jannati, H., & Bahrak, B. (2016). Security analysis of an RFID tag search protocol. Information Processing Letters, 116(10), 618–622.

    Article  Google Scholar 

  19. 19.

    Kasraoui, M., Cabani, A., & Chafouk, H. (2014). Formal verification of wireless sensor key exchange protocol using AVISPA. In Computer, consumer and control (IS3C), 2014 international symposium on (pp. 387–390). doi:10.1109/IS3C.2014.107.

  20. 20.

    Kim, Z., Kim, J., Kim, K., Choi, I., & Shon, T. (2011). Untraceable and serverless RFID authentication and search protocols. In Parallel and distributed processing with applications workshops (ISPAW), 2011 ninth IEEE international symposium on (pp. 278–283). doi:10.1109/ISPAW.2011.66.

  21. 21.

    Kulseng, L., Yu, Z., Wei, Y., & Guan, Y. (2009). Lightweight secure search protocols for low-cost RFID systems. In Distributed computing systems, 2009. ICDCS’09. 29th IEEE international conference on (pp. 40–48). IEEE.

  22. 22.

    Lai, Y. C., Hsiao, L. Y., & Lin, B. S. (2015). Optimal slot assignment for binary tracking tree protocol in RFID tag identification. IEEE/ACM Transactions on Networking, 23(1), 255–268.

    Article  Google Scholar 

  23. 23.

    Lee, C. F., Chien, H. Y., & Laih, C. S. (2012). Server-less RFID authentication and searching protocol with enhanced security. International Journal of Communication Systems, 25(3), 376–385. doi:10.1002/dac.1246.

    Article  Google Scholar 

  24. 24.

    Lee, Y. K., Batina, L., Singelée, D., & Verbauwhede, I. (2010). Low-cost untraceable authentication protocols for RFID. In Proceedings of the third ACM conference on wireless network security (pp. 55–64). ACM.

  25. 25.

    Lin, I. C., Hsu, H. H., & Cheng, C. Y. (2014). A cloud-based authentication protocol for RFID supply chain systems. Journal of Network and Systems Management,. doi:10.1007/s10922-014-9329-1.

    Google Scholar 

  26. 26.

    Lin, I. C., Tsaur, S. C., & Chang, K. P. (2009). Lightweight and serverless rfid authentication and search protocol. In Computer and electrical Engineering, 2009. ICCEE ’09. Second international conference on (Vol. 2, pp. 95–99). doi:10.1109/ICCEE.2009.159.

  27. 27.

    Lin, X. H., Wang, H., Kwok, Y. K., Chen, B., Dai, M., & Zhang, L. (2015). Exploiting the prefix information to enhance the performance of FSA-based RFID systems. Computer Communications, 56, 108–118.

    Article  Google Scholar 

  28. 28.

    Litian, D., Zizhong, W. J., & Fu, D. (2015). An identification algorithm in grouping and paralleling for data-intensive RFID systems. In Big data computing and communications (pp. 337–346). Berlin: Springer.

  29. 29.

    Liu, X., Xiao, B., Zhang, S., Bu, K., & Chan, A. (2015). Step: A time-efficient tag searching protocol in large RFID systems. IEEE Transactions on Computers, 64(11), 3265–3277. doi:10.1109/TC.2015.2394461.

    Article  Google Scholar 

  30. 30.

    Lv, C., Li, H., Ma, J., & Niu, B. (2012). Vulnerability analysis of lightweight secure search protocols for low-cost RFID systems. International Journal of Radio Frequency Identification Technology and Applications, 4(1), 3–12.

    Article  Google Scholar 

  31. 31.

    Ma, D., Saxena, N., Xiang, T., & Zhu, Y. (2013). Location-aware and safer cards: Enhancing RFID security and privacy via location sensing. IEEE Transactions on Dependable and Secure Computing, 10(2), 57–69. doi:10.1109/TDSC.2012.89.

    Article  Google Scholar 

  32. 32.

    Ning, H., Liu, H., & Yang, L. (2015). Aggregated-proof based hierarchical authentication scheme for the internet of things. IEEE Transactions on Parallel and Distributed Systems, 26(3), 657–667. doi:10.1109/TPDS.2014.2311791.

    Article  Google Scholar 

  33. 33.

    Odelu, V., Das, A., & Goswami, A. (2015). A secure biometrics-based multi-server authentication protocol using smart cards. IEEE Transactions on Information Forensics and Security, 10(9), 1953–1966. doi:10.1109/TIFS.2015.2439964.

    Article  Google Scholar 

  34. 34.

    Raheem, A., Lasebae, A., & Loo, J. (2014). A secure authentication protocol for IP-based wireless sensor communications using the location/id split protocol (LISP). In Trust, security and privacy in computing and communications (TrustCom), 2014 IEEE 13th international conference on (pp. 840–845). doi:10.1109/TrustCom.2014.135.

  35. 35.

    Safkhani, M., Peris-Lopez, P., Bagheri, N., Naderi, M., & Hernandez-Castro, J. C. (2012). On the security of Tan et al. serverless RFID authentication and search protocols. In Radio frequency identification. Security and privacy issues (pp. 1–19). Berlin: Springer.

  36. 36.

    Smaoui, S., Ben Ameur, S., El Bouabidi, I., Zarai, F., & Obaidat, M. (2014). Secure micro mobility protocol for new generation wireless network. In Wireless communications and mobile computing conference (IWCMC), 2014 international (pp. 895–900). doi:10.1109/IWCMC.2014.6906474.

  37. 37.

    Sun, H. M., Ting, W. C., & Wang, K. H. (2011). On the security of Chien’s ultralightweight RFID authentication protocol. IEEE Transactions on Dependable and Secure Computing, 8(2), 315–317. doi:10.1109/TDSC.2009.26.

    Article  Google Scholar 

  38. 38.

    Sundaresan, S., Doss, R., Piramuthu, S., & Zhou, W. (2014). A robust grouping proof protocol for RFID EPC C1G2 tags. IEEE Transactions on Information Forensics and Security, 9(6), 961–975.

    Article  Google Scholar 

  39. 39.

    Sundaresan, S., Doss, R., Piramuthu, S., & Zhou, W. (2015). Secure tag search in RFID systems using mobile readers. IEEE Transactions on Dependable and Secure Computing, 12(2), 230–242.

  40. 40.

    Tan, C., Sheng, B., & Li, Q. (2008). Secure and serverless RFID authentication and search protocols. IEEE Transactions on Wireless Communications, 7(4), 1400–1407.

    Article  Google Scholar 

  41. 41.

    Won, T. Y., Chun, J. Y., & Lee, D. H. (2008). Strong authentication protocol for secure RFID tag search without help of central database. In Embedded and ubiquitous computing, 2008. EUC’08. IEEE/IFIP international conference on (Vol. 2, pp. 153–158). IEEE.

  42. 42.

    Xie, W., Xie, L., Zhang, C., Wang, Q., Wang, C., & Tang, C. (2014). TOA: A tag-owner-assisting RFID authentication protocol toward access control and ownership transfer. Security and Communication Networks, 7(5), 934–944. doi:10.1002/sec.965.

    Article  Google Scholar 

  43. 43.

    Yan, R., Liu, J., & Sun, R. (2015). An efficient authenticated key exchange protocol for wireless body area network. In J. Mu, Q. Liang, W. Wang, B. Zhang, & Y. Pi (Eds.), The proceedings of the third international conference on communications, signal processing, and systems, lecture notes in electrical engineering (Vol. 322, pp. 51–58). Berlin: Springer.

  44. 44.

    Yan, X. Q., Liu, Y., Li, B., & Liu, X. M. (2015). A memoryless binary query tree based successive scheme for passive RFID tag collision resolution. Information Fusion, 22, 26–38.

    Article  Google Scholar 

  45. 45.

    Yin, X., & Li, W. (2012). Lp0: A RFID authentication protocol for low-cost tags without back-end database. In Computer distributed control and intelligent environmental monitoring (CDCIEM), 2012 international conference on (pp. 393–396). IEEE.

  46. 46.

    Yoon, H. S., & Youm, H. Y. (2011). An anonymous search protocol for RFID systems. Journal of Convergence Information Technology, 6(8), 44–50.

  47. 47.

    Zhang, S., Liu, X., Wang, J., Cao, J., & Min, G. (2015). Energy efficient active tag searching in large scale RFID systems. Information Sciences, 317, 143–156.

    Article  Google Scholar 

  48. 48.

    Zheng, Y., & Li, M. (2013). Fast tag searching protocol for large-scale RFID systems. IEEE/ACM Transactions on Networking (TON), 21(3), 924–934.

    Article  Google Scholar 

  49. 49.

    Zhou, R., Liu, Z., Lai, Y., & Liu, J. (2015). Study on authentication protocol of SDN trusted domain. In Autonomous decentralized systems (ISADS), 2015 IEEE twelfth international symposium on (pp. 281–284). doi:10.1109/ISADS.2015.29.

  50. 50.

    Zhuang, X., Zhu, Y., & Chang, C. C. (2014). A new ultralightweight RFID protocol for low-cost tags: \(r^{2}ap\). Wireless Personal Communications, 79(3), 1787–1802. doi:10.1007/s11277-014-1958-x.

    Article  Google Scholar 

  51. 51.

    Zuo, Y. (2010). Secure and private search protocols for RFID systems. Information Systems Frontiers, 12(5), 507–519. doi:10.1007/s10796-009-9208-6.

    Article  Google Scholar 

Download references

Author information



Corresponding author

Correspondence to Mehdi Hosseinzadeh.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Eslamnezhad Namin, M., Hosseinzadeh, M., Bagheri, N. et al. A secure search protocol for lightweight and low-cost RFID systems. Telecommun Syst 67, 539–552 (2018). https://doi.org/10.1007/s11235-017-0351-y

Download citation


  • RFID
  • Secure search
  • Tag search
  • Serverless search
  • Security protocols