Efficient Ultralightweight RFID Mutual Authentication

In the RFID (Radio Frequency Identification) system, the communication between the reader and tags is vulnerable to attacks due to the nature of RF signals. Typical attacks include the forged-server, forged-tag, man-in-the-middle (MitM), tracking, replay, forward secrecy and denial of service (DoS) attacks. Some mutual authentication schemes/protocols have been proposed to resist these attacks. Unfortunately, these schemes still have some flaws. For example, some of them cannot resist all the above-mentioned attacks due to the cyclic redundancy check (CRC) security flaw, and others need tags to have more powerful computation ability than a normal passive one. In this paper, we propose a mutual authentication protocol conforming to the popular EPC Class 1 Generation 2 (EPC C1G2) specification to resist all the above-mentioned attacks. The proposed protocol uses only ultra lightweight operations, including CRC, to reduce computation and communication overheads without causing the CRC security flaw. We conduct security analysis for the proposed scheme and compare it with other related ones to demonstrate its superiority in terms of the communication cost, computation cost and security.