Skip to main content

Weaknesses in Two RFID Authentication Protocols

  • Conference paper

Part of the Lecture Notes in Computer Science book series (LNSC,volume 9084)


One of the most important challenges related to Radio Frequency Identification (RFID) systems is security. In this paper, we analyze the security and performance of two recent RFID authentication protocols based on two different code-based cryptography schemes. The first one, proposed by Malek and Miri, is based on randomized McEliece cryptosystem. The second one, proposed by Li et al., is based on Quasi Cyclic-Moderate Density Parity Check (QC-MDPC) McEliece cryptosystem. We provide enough evidence to prove that these two RFID authentication protocols are not secure. Furthermore, we propose an improved protocol that eliminates existing weaknesses in studied protocols.


  • McEliece cryptosystem
  • RFID
  • Authentication protocol
  • Desynchronization attack
  • Traceability attack

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. Berger, T.P., Cayrel, P.-L., Gaborit, P., Otmani, A.: Reducing key length of the mcEliece cryptosystem. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 77–97. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  2. Chien, H., Laih, C.: Ecc-based lightweight authentication protocol with untraceability for low-cost RFID. J. Parallel Distrib. Comput. 69(10), 848–853 (2009)

    CrossRef  Google Scholar 

  3. Cui, Y., Kobara, K., Matsuura, K., Imai, H.: Lightweight asymmetric privacy-preserving authentication protocols secure against active attack. IEICE Transactions 91-D(5), 1457–1465 (2008)

    Google Scholar 

  4. van Deursen, T., Mauw, S., Radomirović, S.: Untraceability of RFID protocols. In: Onieva, J.A., Sauveron, D., Chaumette, S., Gollmann, D., Markantonakis, K. (eds.) WISTP 2008. LNCS, vol. 5019, pp. 1–15. Springer, Heidelberg (2008)

    CrossRef  Google Scholar 

  5. Li, Z., Zhang, R., Yang, Y., Li, Z.: A provable secure mutual RFID authentication protocol based on error-correct code. In: Proceedings of 2014 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery, pp. 73–78. IEEE (2014)

    Google Scholar 

  6. Malek, B., Miri, A.: Lightweight mutual RFID authentication. In: Proceedings of IEEE ICC 2012, pp. 868–872. IEEE (2012)

    Google Scholar 

  7. McEliece, R.J.: A public-key system based on algebraic coding theory. Tech. Rep. 44, Jet Propulsion Lab, DSN Progress Report (1978)

    Google Scholar 

  8. Misoczki, R., Barreto, P.M.: Compact McEliece keys from Goppa codes. In: Jacobson Jr., M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 376–392. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  9. Misoczki, R., Tillich, J.P., Sendrier, N., Barreto, P.S.L.M.: MDPC-McEliece: New McEliece Variants from Moderate Density Parity-Check Codes. In: Cryptology ePrint Archive, Report 2012/409 (2012)

    Google Scholar 

  10. Nojima, R., Imai, H., Kobara, K., Morozov, K.: Semantic security for the McEliece cryptosystem without random oracles. Designs, Codes and Cryptography 49(1-3), 289–305 (2008)

    CrossRef  MATH  MathSciNet  Google Scholar 

  11. Overbeck, R., Sendrier, N.: Code-based cryptography. In: Post-Quantum Cryptography, pp. 95–145. Springer, Heidelberg (2009)

    CrossRef  Google Scholar 

  12. Sekino, T., Cui, Y., Kobara, K., Imai, H.: Privacy enhanced RFID using Quasi-Dyadic fix domain shrinking. In: Proceedings of Global Telecommunications Conference, GLOBECOM 2010, pp. 1–5. IEEE (2010)

    Google Scholar 

  13. Suzuki, M., Kobara, K., Imai, H.: Privacy enhanced and light weight RFID system without tag synchronization and exhaustive search. In: Proceedings of the IEEE International Conference on Systems, Man and Cybernetics, pp. 1250–1255. IEEE (2006)

    Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Noureddine Chikouche .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Chikouche, N., Cherif, F., Cayrel, PL., Benmohammed, M. (2015). Weaknesses in Two RFID Authentication Protocols. In: El Hajji, S., Nitaj, A., Carlet, C., Souidi, E. (eds) Codes, Cryptology, and Information Security. C2SI 2015. Lecture Notes in Computer Science(), vol 9084. Springer, Cham.

Download citation

  • DOI:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-18680-1

  • Online ISBN: 978-3-319-18681-8

  • eBook Packages: Computer ScienceComputer Science (R0)