Privacy of a randomised skip lists-based protocol

Privacy and efficiency are two important but seemingly contradictory objectives in radio-frequency identification (RFID) systems. On one hand, RFID aims to identify objects easily and quickly, on the other hand, users want to maintain the necessary privacy without being tracked down for where they are and what they are doing. Common RFID privacy-preserving authentication protocols can be classified into tree-based schemes and group-based schemes, and all these schemes do not meet the dual goals of efficiency and security at the same time. In 2013, Sakai et al. proposed a randomised skip lists-based authentication protocol (RSLA), and claimed that the RSLA can resist compromise attacks. In this study, the authors analyse the compromise attacks on RSLA and show that there is no obvious advantage with respect to the privacy of the RSLA compared with balanced tree-based schemes. Moreover, it is reasonable to claim that protocols based on skip lists are also vulnerable to compromise attacks.