Lightweight Anonymous RFID Authentication

  • Min Chen
  • Shigang Chen
Part of the Wireless Networks book series (WN)


This chapter describes on lightweight RFID anonymous authentication. The widespread use of RFID tags raises a privacy concern: They make their carriers trackable. To protect the privacy of the tag carriers, we need to invent new mechanisms that keep the usefulness of tags while doing so anonymously. Many tag applications such as toll payment require authentication. Since low-cost tags have extremely limited hardware resource, an asymmetric design principle is adopted to push most complexity to more powerful RFID readers. Instead of implementing complicated and hardware-intensive cryptographic hash functions, our authentication protocol only requires tags to perform several simple and hardware-efficient operations to generate dynamic tokens for anonymous authentication. The theoretic analysis and randomness tests demonstrate that our protocol can ensure the privacy of the tags. Moreover, our protocol reduces the communication overhead and online computation overhead to O(1) per authentication for both tags and readers, which compares favorably with the prior art.


Hash Function Central Server Hash Table Communication Overhead Authentication Protocol 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Avoine, G., Oechslin, P.: A scalable and provably secure hash-based RFID protocol. In: IEEE PerCom Workshops, pp. 110–114 (2005)Google Scholar
  2. 2.
    Avoine, G., Dysli, E., Oechslin, P.: Reducing time complexity in RFID systems. In: Selected Areas in Cryptography, pp. 291–306. Springer, Berlin/Heidelberg (2006)Google Scholar
  3. 3.
    Bogdanov, A., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y.: Hash functions and RFID tags: mind the gap. In: Proceedings of CHES, pp. 283–299 (2008)Google Scholar
  4. 4.
    Chen, M., Chen, S., Xiao, Q.: Pandaka: a lightweight cipher for RFID systems. In: Proceedings of IEEE INFOCOM, pp. 172–180 (2014)Google Scholar
  5. 5.
    Chisvin, L., Duckworth, R.J.: Content-addressable and associative memory: alternatives to the ubiquitous RAM. IEEE Comput. 22, 51–64 (1989)CrossRefGoogle Scholar
  6. 6.
    Dimitriou, T.: A secure and efficient RFID protocol that could make big brother (partially) obsolete. In: Proceedings of IEEE PERCOM (2006)CrossRefGoogle Scholar
  7. 7.
    EPC Radio-Frequency Identity Protocols Class-1 Gen-2 UHF RFID Protocol for Communications at 860MHz-960MHz, EPCglobal (2011). Available at
  8. 8.
  9. 9.
    Juels, A., Weis, S.A.: Defining strong privacy for RFID. In: IEEE PerCom Workshops, pp. 342–347 (2007)Google Scholar
  10. 10.
    Li, T., Luo, W., Mo, Z., Chen, S.: Privacy-preserving RFID authentication based on cryptographical encoding. In: Proceedings of IEEE INFOCOM (2012)Google Scholar
  11. 11.
    Lu, L., Han, J., Hu, L., Liu, Y., Ni, L.: Dynamic key-updating: privacy-preserving authentication for RFID systems. In: Proceedings of IEEE PERCOM (2007)Google Scholar
  12. 12.
    Lu, L., Han, J., Xiao, R., Liu, Y.: ACTION: breaking the privacy barrier for RFID systems. In: Proceedings of IEEE INFOCOM (2009)Google Scholar
  13. 13.
    Lu, L., Liu, Y., Li, X.: Refresh: weak privacy model for RFID systems. In: Proceedings of IEEE INFOCOM (2010)Google Scholar
  14. 14.
    Ohkubo, M., Suzuki, K., Kinoshita, S.: Efficient hash-chain based RFID privacy protection scheme. In: ICUCU, Workshop Privacy (2004)Google Scholar
  15. 15.
    Pais, S., Symonds, J.: Data storage on a RFID tag for a distributed system. Int. J. UbiComp. 2 (2), 26–39 (2011)CrossRefGoogle Scholar
  16. 16.
    Ranasinghe, D.C., Cole, P.H.: An evaluation framework. In: Networked RFID Systems and Lightweight Cryptography, Chap. 8 Springer, Berlin (2008)Google Scholar
  17. 17.
    Rukhin, A., Soto, J., Nechvatal, J., Smid, M., Barker, E., Leigh, S., Levenson, M., Vangel, M., Banks, D., Heckert, A., Dray, J., Vo, S. III, L.E.B.: A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. National Institute of Standards and Technology, Gaithersburg, MD (2010)Google Scholar
  18. 18.
    Singular Value Decomposition: Available at
  19. 19.
    Tsudik, G.: Ya-trap: Yet Another Trivial RFID Authentication Protocol. In: Proceedings of IEEE PerCom (2006)Google Scholar
  20. 20.
    Weis, S., Sarma, S., Rivest, R., Engels, D.: Security and Privacy Aspects of Low-cost Radio Frequency Identification Systems. Lecture Notes in Computer Science. Springer, New York (2004)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2016

Authors and Affiliations

  • Min Chen
    • 1
  • Shigang Chen
    • 2
  1. 1.Department of Computer and InformationUniversity of FloridaGainesvilleUSA
  2. 2.Department of Computer and Information ScienceUniversity of FloridaGainesvilleUSA

Personalised recommendations