EMAP: An Efficient Mutual-Authentication Protocol for Low-Cost RFID Tags

  • Pedro Peris-Lopez
  • Julio Cesar Hernandez-Castro
  • Juan M. Estevez-Tapiador
  • Arturo Ribagorda
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4277)


RFID tags are devices of very limited computational capabilities, which only have 250-3K logic gates that can be devoted to security-related tasks. Many proposals have recently appeared, but all of them are based on RFID tags using classical cryptographic primitives such as PRNGs, hash functions, block ciphers, etc. We believe this assumption to be fairly unrealistic, as classical cryptographic constructions lie well beyond the computational reach of very low-cost RFID tags. A new approach is necessary to tackle this problem, so we propose an extremely efficient lightweight mutual-authentication protocol that offers an adequate security level for certain applications and can be implemented even in the most limited low-cost RFID tags, as it only needs around 150 gates.


Ubiquitous Computing RFID Tag Reader Privacy Tracking Pseudonym Mutual-authentication 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Choi, E.Y., Lee, S.M., Lee, D.H.: Efficient RFID authentication protocol for ubiquitous computing environment. In: Proc. of SECUBIQ 2005 (2005)Google Scholar
  2. 2.
    Dimitriou, T.: A lightweight RFID protocol to protect against traceability and cloning attacks. In: Proc. of SECURECOMM 2005 (2005)Google Scholar
  3. 3.
    Feldhofer, M., Dominikus, S., Wolkerstorfer, J.: Strong authentication for RFID systems using the AES algorithm. In: Joye, M., Quisquater, J.-J. (eds.) CHES 2004. LNCS, vol. 3156, pp. 357–370. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  4. 4.
    Henrici, D., Müller, P.: Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers. In: Proc. of PERSEC 2004, pp. 149–153. IEEE Computer Society Press, Los Alamitos (2004)Google Scholar
  5. 5.
    Juels, A.: Minimalist cryptography for low-cost RFID tags. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 149–164. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  6. 6.
    Lohmmann, T., Schneider, M., Ruland, C.: Analysis of power constraints for cryptographic algorithms in mid-cost RFID tags. In: Domingo-Ferrer, J., Posegga, J., Schreckling, D. (eds.) CARDIS 2006. LNCS, vol. 3928, pp. 278–288. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  7. 7.
    Marsaglia, G., Tsang, W.W.: Some difficult-to-pass tests of randomness. Journal of Statistical Software 7(3), 37–51 (2002)Google Scholar
  8. 8.
    Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic approach to “privacy-friendly” tags. In: RFID Privacy Workshop (2003)Google Scholar
  9. 9.
    Sarma, S.E., Weis, S.A., Engels, D.W.: RFID Systems and Security and Privacy Implications. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 454–470. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. 10.
    Suresh, C., Charanjit J., Rao, J.R., Rohatgi, P.: A cautionary note regarding evaluation of AES candidates on smart-cards. In: Second Advanced Encryption Standard (AES) Candidate Conference (1999),
  11. 11.
    Datasheet Helion Technology. MD5, SHA-1, SHA-256 hash core for Asic. (2005),
  12. 12.
    Vajda, I., Buttyán, L.: Lightweight authentication protocols for low-cost RFID tags. In: Dey, A.K., Schmidt, A., McCarthy, J.F. (eds.) UbiComp 2003. LNCS, vol. 2864, Springer, Heidelberg (2003)Google Scholar
  13. 13.
    Walker, J.: ENT Randomness Test (1998),
  14. 14.
    Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 201–212. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  15. 15.
    Yang, J., Park, J., Lee, H., Ren, K., Kim, K.: Mutual authentication protocol for low-cost RFID. In: Ecrypt Workshop on RFID and Lightweight Crypto (2005)Google Scholar
  16. 16.
    Yüksel, K., Kaps, J.P., Sunar, B.: Universal hash functions for emerging ultra-low-power networks. In: Proc. of CNDS 2004 (2004)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Pedro Peris-Lopez
    • 1
  • Julio Cesar Hernandez-Castro
    • 1
  • Juan M. Estevez-Tapiador
    • 1
  • Arturo Ribagorda
    • 1
  1. 1.Computer Science DepartmentCarlos III University of Madrid 

Personalised recommendations