RFID Authentication Protocol And Its Security Analysis

Radio Frequency IDentification (RFID) is the main technology of implementingthe pervasive computing environment, which has attracted more and more users,vendors and academics because of its excellent properties： non-contact and a batchcertification.With the development of LSI (Large-scale integration) and the continuousexpansion of the production scale of RFID systems, the RFID tags cost will continue toreduce, and the RFID application field will be more wide. However, the RFID systemlimitations (such as low cost) bright a lot of security issues， such as mutualauthentication, traceability, DoS （Denial of Service）, forward security， tagimpersonation and tag clone, man-in-the-middle attack etc. Thus, research on RFIDauthentication protocols in the constrained environment becomes an important directionin the field of RFID technology. The thesis focuses on study low-cost, secure andefficient RFID authentication protocols.The middleweight RFID authentication protocol supporting Hash function and thelightweight RFID authentication protocol supporting pseudo-random numbers andsimple functions like CRC (Cyclic Redundancy Check) have wide range of applicationsin the real world. At the same time, they are also hot research topic in the academic field.The thesis focuses on study of these two kinds of protocols based on cryptographictechniques. The main achievements are as follows:(1) Analyzing a lot of RFID authentication protocols based on cryptographictechniques, we further sort out the development process of the RFID authenticationprotocols and summarize some of the security requirements, security analysis anddesign of this kind of protocol.(2) By analyzing Jin et al’s protocol, we find it doesn’t resist replay attack andman-in-the-middle attack. And then, based on the improvement of the Rabin encryptionscheme (SQUASH function, namely SQUare-hASH function), a new lightweight RFIDmutual authentication protocol is proposed，which satisfies security requirements:untraceability, denial of service(DoS) resistance, man-in-the-middle attack resistance,replay attack resistance and forward security etc. And the new proposed protocol cansupport secure ownership transfer between the current tag owner and the new one.(3) Based on lightweight block ciper algorithm, we propose a lightweight RFIDmutual authentication protocol with secure ownership transfer. By analyzing its security, the scheme has excellent security properties, such as untraceability, DoS resistance,replay attack resistance, man-in-the-middle attack resistance and forward security etc.