Efficient Authentication for Low-Cost RFID Systems

  • Su Mi Lee
  • Young Ju Hwang
  • Dong Hoon Lee
  • Jong In Lim
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3480)


RFID (Radio Frequency Identification) technology is expected to play a critical role in identifying articles and serving the growing need to combat counterfeiting and fraud. However, the use of RFID tags may cause privacy violation of people holding an RFID tag. The main privacy concerns are information leakage of a tag, traceabiltiy of the person and impersonation of a tag. In this paper, we study authentication as a method to protect privacy, especially for low-cost RFID systems, which have much restrictions in limited computing power, low die-size, and low power requirements. Therefore, cost effective means of authentication is needed to deal with these problems effectively. We propose an authentication protocol, LCAP, which needs only two one-way hash function operations and hence is quite efficient. Leakage of information is prevented in the scheme since a tag emits its identifier only after authentication. By refreshing a identifier of a tag in each session, the scheme also provides a location privacy and can recover lost massages from many attacks such as spoofing attacks.


Authentication Protocol Mutual Authentication Location Privacy Privacy Violation Limited Computing Power 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Avoine, G., Oechslin, P.: RFID Traceability: A Multilayer Problem. Financial Cryptography (2005)Google Scholar
  2. 2.
    Auto-ID Center, 860Mhz-960MHz Class I Radio Frequency Identification Tag Radio Frequency and Logical communication Interface Specification Proposed Recommendation Version 1.0.0. Technical Report MIT-AUTOID-TR-007, AutoID Center, MIT (2002)Google Scholar
  3. 3.
    Damith, R., Daniel, E., Peter, C.: Low-Cost RFID Systems: Confronting Security and Privacy. In: Auto-ID Labs Research Workshop (2004)Google Scholar
  4. 4.
    Feldhofer, M.: An Authentication Protocol in a Security Layer for RFID Smart Tags. In: The 12th IEEE Mediterranean Electrotechnical Conference, MELECON 2004. IEEE, Los Alamitos (2004)Google Scholar
  5. 5.
    Golle, P., Jakobsson, M., Juels, A., Syversion, P.: Universal re-encryption for mixnets. In: Okamoto, T. (ed.) CT-RSA 2004. LNCS, vol. 2964, pp. 163–178. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  6. 6.
    Henrici, D., Muller, P.: Hash-based Enhancement of Location Privacy for Radio-Frequency Identification Devices using Varying Identifiers. In: PerSec 2004 at IEEE PerCom (2004)Google Scholar
  7. 7.
    Juels, A.: yoking-proofs for RFID tags. In: Workshop on Pervasive Computing and Communications Security, PerSec 2004, pp. 138–143. IEEE Computer Society, Los Alamitos (2004)CrossRefGoogle Scholar
  8. 8.
    Juels, A., Pappu, R.: Squealing euros: Privacy protection in RFID-enabled banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  9. 9.
    Juels, A., Rivest, R.L., Szudlo, M.: The Blocker Tag: Selective Blocking of RFID tags for Consumer Privacy. In: the 8th ACM Conference on Computer and Communications Security, pp. 103–111. ACM Press, New York (2003)CrossRefGoogle Scholar
  10. 10.
    mCloak: Personal/corporate management of wireless devices and technology (2003),
  11. 11.
    Ohkubo, M., Suxuki, K., Kinoshita, S.: Efficient Hash-Chain Based RFID Privacy Protection Scheme. In: Ubcomp 2004 workshop (2004)Google Scholar
  12. 12.
    Ohkubo, M., Suzxuki, K., Kinoshita, S.: Cryptographic Approach to Privacy-Friendly Tags. In: RFID Privacy Workshop. MIT, USA (2003)Google Scholar
  13. 13.
    Sarma, S.E., Weis, S.A., Engels, D.W.: Radio-frequency identification systems. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 454–469. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  14. 14.
    Sarma, S.E., Weis, S.A., Engels, D.W.: RFID systems, security and privacy implications. Technical Report MIT-AUTOID-WH-014, AutoID Center, MIT (2002)Google Scholar
  15. 15.
    Weis, S.A., Sarma, S.E., Weis, S.A., Engels, D.W.: Security and privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 201–212. Springer, Heidelberg (2004), CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Su Mi Lee
    • 1
  • Young Ju Hwang
    • 1
  • Dong Hoon Lee
    • 1
  • Jong In Lim
    • 1
  1. 1.Center for Information Security Technologies(CIST)Korea UniversitySeoulKorea

Personalised recommendations