Enhanced Hash-Based RFID Mutual Authentication Protocol

  • Hyunsung Kim
Part of the Communications in Computer and Information Science book series (CCIS, volume 339)


Radio frequency identification (RFID) system is a promising automatic identification technology that uses communication via radio waves to identify and track moving objects. Privacy and security concerns inhibit the fast adaption of RFID technology for many applications. A number of authentication protocols that address these concerns have been proposed but real-world solutions that are secure and maintain low communication cost are still needed and being investigated. Recently, Cho et al. proposed a hash-based RFID mutual authentication protocol and the protocol is secure. However, this paper proposes an enhanced hash-based RFID mutual authentication protocol to remedy the desynchronization problem in the previous protocol. This protocol requires little computation and achieves both privacy and authentication, making it sufficient enough for use in supply chain management.


Supply Chain Management Authentication Protocol Mutual Authentication Replay Attack Message Authentication Code 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Staake, T., Thiesse, F., Fleisch, E.: Extending the EPC network: the potential of RFID in anti-counterfeiting. Auto-ID Labs White Paper (2005)Google Scholar
  2. 2.
    Finkenzeller, K.: RFID Handbook, 2nd edn. Wiley & Sons (2002)Google Scholar
  3. 3.
    Liu, A.X., Bailey, L.A.: PAP: A privacy and authentication protocol for passive RFID tags. Computer Communications 32(7-10), 1194–1199 (2009)CrossRefGoogle Scholar
  4. 4.
    Doss, R., Zhou, W., Sundaresan, S., Yu, S., Gao, L.: A minimum disclosure approach to authentication and privacy in RFID systems. Computer Networks (in press, 2012),
  5. 5.
    Juels, A.: RFID security and privacy: a research survey. Selected Areas in Communications 24(2), 381–394 (2006)MathSciNetCrossRefGoogle Scholar
  6. 6.
    Yeo, S.-S., Kim, S.K.: Scalable and Flexible Privacy Protection Scheme for RFID Systems. In: Molva, R., Tsudik, G., Westhoff, D. (eds.) ESAS 2005. LNCS, vol. 3813, pp. 153–163. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic approach to privacy-friendly tag. In: Proc. of RFID Privacy Workshop 2003 (2003)Google Scholar
  8. 8.
    Yang, J., Park, J., Lee, H., Ren, K., Kim, K.: Mutual authentication protocol for low-cost RFID. In: Proc. of the Workshop on RFID and Lightweight Cryptography, pp. 17–24 (2005)Google Scholar
  9. 9.
    Sarma, S.E., Weis, S.A., Engels, D.W.: RFID Systems and Security and Privacy Implications. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 454–469. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  10. 10.
    Mitrokotsa, A., Rieback, M.R., Tanenbaum, A.S.: Classification of RFID attacks. In: Proc. of the 2nd International Workshop on RFID Technology (2008)Google Scholar
  11. 11.
    Langheinrich, M.: A survey of RFID privacy approaches. In: Proc. of the IEEE International Conference on RFID, pp. 58–64 (2008)Google Scholar
  12. 12.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: RFID Systems: A Survey on Security Threats and Proposed Solutions. In: Cuenca, P., Orozco-Barbosa, L. (eds.) PWC 2006. LNCS, vol. 4217, pp. 159–170. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  13. 13.
    Feldhofer, M.: An authentication protocol in a security layer for RFID smart tags. In: Proc. of the 12th IEEE Mediterranean Electrotechnical Conference 2004, vol. 2, pp. 759–762 (2004)Google Scholar
  14. 14.
    Vajda, I., Buttyan, L.: Lightweight authentication protocols for low-cost RFID tags. In: Proc. of the Second Workshop on Security in Ubiquitous Computing 2003 (2003)Google Scholar
  15. 15.
    Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing 2003. LNCS, vol. 2802, pp. 201–212. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  16. 16.
    Cho, J.S., Jeong, Y.S., Park, S.O.: Consideration on the brute-force attack cost and retrieval cost: A hash-based radio-frequency identification (RFID) tag mutual authentication protocol. Computers and Mathematics with Applications, doi:10.1016/j.camwa.2012.02.025Google Scholar
  17. 17.
    Kim, H.: Desynchronization Attack on Hash-based RFID Mutual Authentication Protocol. Journal of Security Engineering 9(4), 357–365 (2012)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Hyunsung Kim
    • 1
  1. 1.Department of Cyber SecurityKyungil UniversityKyungsansiKorea

Personalised recommendations