An Efficient and Private RFID Authentication Protocol Supporting Ownership Transfer

Abstract: Radio Frequency IDentification based systems, which are the most famous example of ubiquitous networks, are getting pervasively deployed in many daily life applications where privacy sensitivity is entrusted to tag or server. In some applications, ownership transfer of RFID labels is another significant requirement. Specifically, the owner of RFID tags could be required to change several times during its lifetime. During the transfer, new owner first obtains necessary private information from the old owner, with these information he then takes over tag identification and authorization so as to have secure communication with tags. Security and privacy are major issue in the presence of malicious adversary. Therefore, the protocol used to identify tag should not only allow a legitimate reader to authenticate a tag but it should also protect the privacy of the tag against unauthorized tracing. Besides, after ownership transfer, the authentication protocol should also prevent the old owner to trace the tags and disallow the new owner to trace old transactions of the tags. On the other hand, while achieving privacy and security on tag and server side, the computation complexity is also very important.

In order to resolve these security and privacy problems, numerous authentication protocols have been proposed in the literature. Many of them are failed to provide security and privacy and the computation on the server side is also very high. Motivated by this need, in this paper, we first analyze an existing RFID authentication protocol and show that it does not resist against tag tracking attack. Then, we propose an RFID mutual authentication protocol which is also used to realize ownership transfer. In our protocol, the server needs only a constanttime complexity for identification when the tag and server are synchronized. In case of ownership transfer, our protocol preserves both old owner and new owner privacy. Our protocol also achieves backward untraceability against a strong adversary who compromise tag, and forward untraceability under the assumption that the adversary misses at least one subsequent successful session between the tag and the reader.

Category : secret-key cryptography / RFID, Privacy, Security, Ownership Transfer Protocol

[non commercial cryptographers]Download this Papers


  1. After representation whatsoever of your blogposts I moldiness say i pioneer this particularised one to generally be top nick. I mortal a weblog also and necessary to repost a few shear of your articles on my own diary tract. Should it be alright if I use this as daylong I private reference your web diary or create a incoming linkage to your article I procured the snipping from? If not I make and could not do it without having your tolerance . I hump collection starred this article to cheep and zynga calculate motivated for publication. Anyway revalue it either way!

  2. Great write-up, I am regular visitor of one¡¦s blog, maintain up the excellent operate, and It is going to be a regular visitor for a long time.

  3. Simply Liked it…

    Hi there I like your post….

  4. Amazing article Very nice greetings :-)!

Sorry, the comment form is closed at this time.

Comments RSS