Design And Analysis Of A Provable Secure RFID Authentication Protocol

RFID (Radio Frequency Identicication Technology) is a contactless automatic identification technology. RFID technology has been widely used in identity identification, forgery prevention, supply chain management, public traffic management and military affairs etc. because of its unique advantages. The security and privacy problem of RFID system has restricted its further development and is beyond the boundaris of traditional cryptography because of its contactless communication and low-cost requirement. The experts at home and abroad have put forward many methods to solve the security and privacy problems of RFID systems, including plysical, cryptography, and a combination of both methods. But all of them have some Imitations in security and application aspects. So it is of great significance in both theory and practise to design a secure RFID mutual authentication protocol regarding the security and efficiency of RFID system.In this article. based on the study on the system composition and communication principle we analyzed the security and privacy risks of RFID system. analyzed and compared current security solutions about RFID systems. especially disadvantages of several RFID authentication protocols based on Hash function. After we analyzed the weakness and attacks of the narrow destructive private protocol proposed by Vaudenay, we proposed a RFID mutual authentication protocol based on challenge-response mechanism and PUF function. This protocol provided mutual ahthentication. tag anonymity, session ditinguishibility, forward security, backword security, unclonability, and anti-sychronization for RFID system. We proved its security by protocol composition logic and we also proved that it provided narrow destructive privacy in Vaudenay’s privacy model. Compared with other Hash-based RFID authentication protocols, there is a slight increase in the load on tag’s storage, computation and communication with reader. Finally, based on our proposed protocol, a RFID threshhould secret sharing scheme is addressed, which achieves high security, sinple implementation, and great flexibility. And tag participants can be dynamically added and deleted in this scheme.