Traceability improvements of a new RFID protocol based on EPC C1 G2

Document Type: ORIGINAL RESEARCH PAPER

Authors

1 Department of Electrical and Computer Engineering, Science and Research Branch, Islamic Azad University, Tehran, Iran

2 Department of Electrical Engineering, Sharif University of Technology, Tehran, Iran

Abstract

Radio Frequency Identification (RFID) applications have spread all over the world. In order to provide their security and privacy, researchers proposed different kinds of protocols. In this paper, we analyze the privacy of a new protocol, proposed by Yu-Jehn in 2015 which is based on Electronic Product Code Class1 Generation 2 (EPC C1 G2) standard. By applying the Ouafi_Phan privacy model, we show that the Yu-Jehn protocol is vulnerable to secret parameter reveal attack, traceability attacks, forward traceability attack and it also does not provide the privacy of RFID users. To enhance the privacy of the analyzed protocol, an improved version of the protocol is proposed which eliminates the existing weaknesses of Yu-Jehn protocol.

Keywords


[1] Debiao He and Sherali Zeadally. An analysis of rfid authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE internet of things journal, 2 (1):72_83, 2015.

[2] Ari Juels. Rfid security and privacy: A research survey. IEEE journal on selected areas in communications, 24(2):381_394, 2006.

[3] Andoni Beriain, Eduardo Entremont, J Gonzalez de Chavarri, Ibon Zalbide, and Roc Berenguer. Epc c1g2 compliant batteryless tire pressure monitoring tag with pressure and tire contact temperature. In International Workshop on Communication Technologies for Vehicles, pages 163_172. Springer, 2016.

[4] Gildas Avoine. Cryptography in radio frequency identification and fair exchange protocols. PhD thesis, Institut de systemes de communication SECTION DES SYSTEMES DE COMMUNICATION E´COLE POLYTECHNIQUE FE´DE´RALE DE LAUSANNE POUR LOBTENTION DU GRADE DE DOCTEURES SCIENCES PAR Gildas AVOINE DEA dintelligence artificielle et algorithmique, universite´ de Caen BasseNormandie, France, 2005.

[5] Nasour Bagheri, Fatemeh Baghernejhad, and Masoumeh Safkhani. On the designing of epc c1 g2 authentication protocol using akari-1 and akari-2 prngs. Information Technology And Control, 44(1):41_53, 2015.

[6] Seyed Mohammad Alavi, Karim Baghery, Behzad Abdolmaleki, and Mohammad Reza Aref. Traceability analysis of recent rfid authentication protocols. Wireless Personal Communications, 83(3):1663_1682, 2015.

[7] Hoda Jannati and Behnam Bahrak. Security analysis of an rfid tag search protocol. Information Processing Letters, 2016.

[8] Tassos Dimitriou. Key evolving rfid systems: Forward/backward privacy and ownership transfer of rfid tags. Ad Hoc Networks, 37:195_208, 2016.

[9] Karim Baghery, Behzad Abdolmaleki, Bahareh Akhbari, and Mohammad Reza Aref. Enhancing privacy of recent authentication schemes for low- cost rfid systems. The ISC International Journal of Information Security, 7(2):135_149, 2015.

[10] Hung-Yu Chien. Sasi: A new ultralightweight rfid authentication protocol providing strong authentication and strong integrity. IEEE Transactions on Dependable and Secure Computing, 4(4):337_340, 2007.

[11] Behzad Abdolmaleki, Karim Baghery, Bahareh Akhbari, and Mohammad Reza Aref. Attacks and improvements on two new-found rfid authentication protocols. In Telecommunications (IST), 2014 7th International Symposium on, pages 895_900. IEEE, 2014.

[12] Zhicai Shi, Yongxiang Xia, Yu Zhang, Yihan Wang, and Jian Dai. A crc-based lightweight authentication protocol for epcglobal class-1 gen-2 tags. In International Conference on Algorithms and Architectures for Parallel Processing, pages 632_643. Springer, 2014.

[13] Pedro Peris-Lopez, Julio Cesar Hernandez-Castro, Juan M Estevez-Tapiador, and Arturo Ribagorda. Lightweight cryptography for low-cost rfid tags. Security in RFID and Sensor Networks, pages 121_150, 2016.

[14] Yu-Chung Huang and Jehn-Ruey Jiang. Ultralightweight rfid reader-tag mutual authentication revisited. In 2015 IEEE International Conference on Mobile Services, pages 166_173. IEEE, 2015.

[15] Yung-Cheng Lee. Two ultralightweight authentication protocols for low-cost rfid tags. Applied Mathematics and Information Sciences, 6(2S): 425_431, 2012.

[16] Shahab Abdolmaleky, Shahla Atapoor, Mohammad Hajighasemlou, and Hamid Sharini. A strengthened version of a hash-based rfid server-less security scheme. Advances in Computer Science: an International Journal, 4(3):18_23, 2015.

[17] Masoud Mohammadi, Mehdi Hosseinzadeh, and Mohammad Esmaeildoust. Analysis and improvement of the lightweight mutual authentication protocol under epc c-1 g-2 standard. Advances in Computer Science: an International Journal, 3(2):10_16, 2014.

[18] Masoumeh Safkhani, Nasour Bagheri, Pedro Peris-Lopez, Aikaterini Mitrokotsa, and Julio C Hernandez-Castro. Weaknesses in another gen2- based rfid authentication protocol. In RFID Technologies and Applications (RFID-TA), 2012 IEEE International Conference on, pages 80_84. IEEE, 2012.

[19] Umar Mujahid, M Najam-ul Islam, and M Ali Shami. Rcia: a new ultralightweight rfid authentication protocol using recursive hash. International Journal of Distributed Sensor Networks, 2015, 2015.

[20] Epcglobal inc., http://www.epcglobalinc.org.

[21] Karim Baghery, Behzad Abdolmaleki, Bahareh Akhbari, and Mohammad Reza Aref. Untraceable rfid authentication protocols for epc compliant tags. In Electrical Engineering (ICEE), 2015 23rd Iranian Conference on, pages 426_431. IEEE, 2015.

[22] Eun-Jun Yoon. Improvement of the securing rfid systems conforming to epc class 1 generation 2 standard. Expert Systems with Applications, 39(1):1589_1594, 2012.

[23] Tzu-Chang Yeh, Yan-Jun Wang, Tsai-Chi Kuo, and Sheng-Shih Wang. Securing rfid systems conforming to epc class 1 generation 2 standard. Expert Systems with Applications, 37(12):7678_ 7683, 2010.

[24] Smail Hassouni and Hassan Qjidaa. A design of modulator and demodulator for a passive uhf rfid tag using dtmost compatible with c1 g2 epc standard protocol. International Journal of Wireless Information Networks, 22(4):407_414, 2015.

[25] Hung-Yu Chien and Che-Hao Chen. Mutual authentication protocol for rfid conforming to epc class 1 generation 2 standards. Computer Standards & Interfaces, 29(2):254_259, 2007.

[26] Hung-Yu Chien and Che-Hao Chen. Mutual authentication protocol for rfid conforming to epc class 1 generation 2 standards. Computer Standards & Interfaces, 29(2):254_259, 2007.

[27] Pedro Peris-Lopez, Julio Cesar Hernandez-Castro, Juan M Estevez-Tapiador, and Arturo Ribagorda. Cryptanalysis of a novel authentication protocol conforming to epc-c1g2 standard. Computer Standards & Interfaces, 31(2):372_380, 2009.

[28] Khaled Ouafi and Raphael C-W Phan. Privacy of recent rfid authentication protocols. In Information Security Practice and Experience, pages 263_277. Springer, 2008.

[29] Nasour Bagheri, Masoumeh Safkhani, and Majid Naderi. Cryptanalysis of a new epc class-1 generation-2 standard compliant rfid protocol. Neural Computing and Applications, 24(3-4):799_ 805, 2014.

[30] Honorio Martin, Enrique San Milla´n, Pedro Peris-Lopez, and Juan E Tapiador. Efficient asic implementation and analysis of two epc-c1g2 rfid authentication protocols. IEEE Sensors Journal, 13(10):3537_3547, 2013.