The Community for Technology Leaders
Green Image
Issue No. 08 - August (2009 vol. 8)
ISSN: 1536-1233
pp: 1052-1062
Hung-Min Sun , National Tsing Hua University, Hsinchu
Wei-Chih Ting , National Tsing Hua University, Hsinchu
ABSTRACT
EPCglobal Class-1 Generation-2 specification (Gen2 in brief) has been approved as ISO18000-6C for global use, but the identity of tag (TID) is transmitted in plaintext which makes the tag traceable and clonable. Several solutions have been proposed based on traditional encryption methods, such as symmetric or asymmetric ciphers, but they are not suitable for low-cost RFID tags. Recently, some lightweight authentication protocols conforming to Gen2 have been proposed. However, the message flow of these protocols is different from Gen2. Existing readers may fail to read new tags. In this paper, we propose a novel authentication protocol based on Gen2, called Gen2^{+}, for low-cost RFID tags. Our protocol follows every message flow in Gen2 to provide backward compatibility. Gen2^{+} is a multiple round protocol using shared pseudonyms and Cyclic Redundancy Check (CRC) to achieve reader-to-tag authentication. Conversely, Gen2^{+} uses the memory read command defined in Gen2 to achieve tag-to-reader authentication. We show that Gen2^{+} is more secure under tracing and cloning attacks.
INDEX TERMS
Protocol design and analysis, security, privacy.
CITATION
Hung-Min Sun, Wei-Chih Ting, "A Gen2-Based RFID Authentication Protocol for Security and Privacy", IEEE Transactions on Mobile Computing, vol. 8, no. , pp. 1052-1062, August 2009, doi:10.1109/TMC.2008.175
85 ms
(Ver 3.1 (10032016))