PUF-Based RFID Ownership Transfer Protocol in an Open Environment

In the supply chain, RFID tags are deployed more widely. In the life of the supply chain, the owner of the tag will change frequently. Ownership transfer protocol can achieve the purpose that the access rights of the tag are transferred from the original owner to the new owner, and protect the privacy of the original owner and the new owner. To resist cloning attack and side channel analysis attack, physical unclonable function (PUF) has been proposed to enhance the security of the tags. Since the PUF of each tag is unique and different, it is difficult to be forged. However, most of PUF-based authentication protocols need the response value previously stored in the readers. On the other hand, most of the ownership transfer protocols assume the original owner and the new owner has a secure channel. However, in an open environment, due to time and space constraints, such a channel is often unable to quickly established. In this paper, we studied the ownership transfer protocols in an open environment and proposed a PUF-based RFID ownership transfer protocols, PROTP. The new protocol is the first ownership transfer protocol based on the PUF in an open environment. The new protocol does not need to store the respond values of the PUF. To utilize the randomness of the PUF, it replaces the pseudo-random generator. Meanwhile, PROTP can protect the privacy of the original owner and the new owner. In terms of efficiency, since the protocol is designed to satisfy the requirement in an open environment, the total cost of the computation is more than others protocols. However, due to the new protocol utilizes the PUF to replace the pseudo-random generator, the each step of the authentication messages achieves a better optimization in computational cost.