Strand spaces: proving security protocols correct
Journal of Computer Security
PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
PERCOMW '04 Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops
An Approach to Security and Privacy of RFID System for Supply Chain
CEC-EAST '04 Proceedings of the E-Commerce Technology for Dynamic E-Business, IEEE International Conference
Privacy and security in library RFID: issues, practices, and architectures
Proceedings of the 11th ACM conference on Computer and communications security
RFID: A Technical Overview and Its Application to the Enterprise
IT Professional
The Pros and Cons of RFID in Supply Chain Management
ICMB '05 Proceedings of the International Conference on Mobile Business
YA-TRAP: Yet Another Trivial RFID Authentication Protocol
PERCOMW '06 Proceedings of the 4th annual IEEE international conference on Pervasive Computing and Communications Workshops
Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards
Computer Standards & Interfaces
Protocols for RFID tag/reader authentication
Decision Support Systems
A novel mutual authentication scheme based on quadratic residues for RFID systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
LAMED - A PRNG for EPC Class-1 Generation-2 RFID specification
Computer Standards & Interfaces
Cryptanalysis of a novel authentication protocol conforming to EPC-C1G2 standard
Computer Standards & Interfaces
New mutual agreement protocol to secure mobile RFID-enabled devices
Information Security Tech. Report
A study on secure RFID mutual authentication scheme in pervasive computing environment
Computer Communications
ERAP: ECC Based RFID Authentication Protocol
FTDCS '08 Proceedings of the 2008 12th IEEE International Workshop on Future Trends of Distributed Computing Systems
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
PAP: A privacy and authentication protocol for passive RFID tags
Computer Communications
Anti-cloning protocol suitable to EPCglobal Class-1 Generation-2 RFID systems
Computer Standards & Interfaces
ECC-based lightweight authentication protocol with untraceability for low-cost RFID
Journal of Parallel and Distributed Computing
Engineering Applications of Artificial Intelligence
On a new formal proof model for RFID location privacy
Information Processing Letters
Cryptography and authentication on RFID passive tags for apparel products
Computers in Industry
Software performance of universal hash functions
EUROCRYPT'99 Proceedings of the 17th international conference on Theory and application of cryptographic techniques
An efficient mutual authentication scheme for EPCglobal class-1 generation-2 RFID system
EUC'07 Proceedings of the 2007 conference on Emerging direction in embedded and ubiquitous computing
Securing RFID systems conforming to EPC Class 1 Generation 2 standard
Expert Systems with Applications: An International Journal
Improvement of the RFID authentication scheme based on quadratic residues
Computer Communications
Defending RFID authentication protocols against DoS attacks
Computer Communications
Engineering Applications of Artificial Intelligence
Authenticating pervasive devices with human protocols
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
RFID security and privacy: a research survey
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
In this paper we propose a novel approach to authentication and privacy in mobile RFID systems based on quadratic residues and in conformance to EPC Class-1 Gen-2 specifications. Recently, Chen et al. (2008) [10] and Yeh et al. (2011) [11] have both proposed authentication schemes for RFID systems based on quadratic residues. However, these schemes are not suitable for implementation on low-cost passive RFID tags as they require the implementation of hash functions on the tags. Consequently, both of these current methods do not conform to the EPC Class-1 Gen-2 standard for passive RFID tags which from a security perspective requires tags to only implement cyclic redundancy checks (CRC) and pseudo-random number generators (PRNG) leaving about 2.5k-5k gates available for any other security operations. Further, due to secure channel assumptions both schemes are not suited for mobile/wireless reader applications. We present the collaborative authentication scheme suitable for mobile/wireless reader RFID systems where the security of the server-reader channel cannot be guaranteed. Our schemes achieves authentication of the tag, reader and back-end server in the RFID system and protects the privacy of the communication without the need for tags to implement expensive hash functions. Our scheme is the first quadratic residues based scheme to achieve compliance to EPC Class-1 Gen-2 specifications. Through detailed security analysis we show that the collaborative authentication scheme achieves the required security properties of tag anonymity, reader anonymity, reader privacy, tag untraceability and forward secrecy. In addition, it is resistant to replay, impersonation and desynchronisation attacks. We also show through strand space analysis that the proposed approach achieves the required properties of agreement, originality and secrecy between the tag and the server.