A Lightweight Mutual Authentication Protocol for RFID

Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 260)


In order to protect the tag and its communication, the authentication between the tag and the reader as well as its backend database is necessary. The paper proposed a mutual authentication protocol by introducing pointer and check number pool which make a simple random number to hide the ID information and disturb the static answers in challenge-response of the protocol. The check number pair selected from the pool in each authentication turn is also pointed out by a random number which controls the shifting of the pointer in pool. The analysis shows that the protocol can resist the common attacks in RFID communication with low computation overhead.


IoT RFID Check number pool Pointer Security 



This work is supported by National Natural Science Foundation of China under Grant 61201159, the Beijing Municipal Organization Department of talents training-funded project (2010D005017000008), Beijing Institute of Architectural Engineering School research fund (Z10053) and Jilin University Key Laboratory of Symbolic Computation and Knowledge Engineering of Ministry of Education research fund (93 K-17-2012-02).


  1. 1.
    Sarma SE, Wreis SA, Engels DW (2003) Radio frequency identification: Secure risks and challenges. RSA Laboratories Cryptobytes 6(1):2–9Google Scholar
  2. 2.
    Sarma SE, Wreis SA, Engels DW (2003) RFID systems and security and privacy implications. In: Proceedings of the 4th intemational workshop on cryptographic hardware and embedded systems, pp 454–469Google Scholar
  3. 3.
    Juels A, Rivest RL, Szydlo M (2003) The blocker tag: selective blocking of RFID tags for consumer privacy. In: Proceedings of the 10th ACM conference on computer and communications security, Washington DC, USA, pp 103–111Google Scholar
  4. 4.
    Ohkubo M, Suzuki K, Kinoshita S (2004) Hash-chain based forward-secure privacy protection scheme for low-cost RFID. In: Proceedings of the 2004 symposium on cryptography and information security (scis 2004), Sendai, pp 719–724Google Scholar
  5. 5.
    Rhee K, Kwak J, Kim S (2005) Challenge-response based RFID authentication protocol for distributed database environment. In: Proceedings of the 2nd international conference on security in pervasive computing (SPC 2005). Lectures Notes in Computer Science 3450. Springer, Berlin, pp 70–84Google Scholar
  6. 6.
    Duc DN, Park J, Lee H, et a1 (2006) Enhancing security of EPC global gen 2 RFID tag against traceability and cloning. In: Symposium on cryptography and information security-SCIS 2006, Hiroshima, JapanGoogle Scholar
  7. 7.
    Chien H, Chen C (2007) Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Comput Stand Interfaces 29(2):254–259MathSciNetCrossRefGoogle Scholar
  8. 8.
    Yuan S, Dai H, Lai S (2008) Hash based RFID authentication protocol. Comput Eng 12:51Google Scholar
  9. 9.
    Yang L, Chen Z (2010) A mutual authentication protocol for low-cost RFIDGoogle Scholar
  10. 10.
    Juels A (2007) RFID security and privacy: a research survey. IEEE J Sel Areas in Commun 24:381Google Scholar
  11. 11.
    Tian Y, Chen G, Li J (2012) A new ultralightweight RFID authentication protocol with permutation. Commun Lett IEEE 16(5):702–705CrossRefGoogle Scholar
  12. 12.
    Di Pietro R, Molva R. Information confinement, privacy, and security in RFID systems. In: Computer security–ESORICS 2007. Springer, Berlin, pp 187–202Google Scholar
  13. 13.
    Blass EO, Kurmus A, Molva R et al (2011) The F_f-family of protocols for RFID-privacy and authentication. IEEE Trans Dependable Secure Comput 8(3):466–480CrossRefGoogle Scholar
  14. 14.
    Liu AX, Bailey LRA (2009) PAP: a privacy and authentication protocol for passive RFID tags. Comput Commun 32(7):1194–1199CrossRefGoogle Scholar
  15. 15.
    Molnar D, Wagner D (2004) Privacy and security in library RFID: issues, practices, and architectures. In: Proceedings of the 11th ACM conference on computer and communications security, pp 210–219Google Scholar
  16. 16.
    Lee S, Asano T, Kim K (2006) RFID mutual authentication scheme based on synchronized secret information. In: Symposium on cryptography and information securityGoogle Scholar

Copyright information

© Springer Science+Business Media Dordrecht 2014

Authors and Affiliations

  1. 1.Science SchoolBeijing University of Civil Engineering and ArchitectureBeijingChina
  2. 2.Beijing Key Laboratory of Communication and Information Systems, School of Electronic and Information EngineeringBeijing Jiaotong UniversityBeijingChina

Personalised recommendations