An enhanced ultralightweight RFID authentication protocol

Abstract

RFID is a kind of contactless automatic identification system. As its cost declines and function extends, RFID is gradually replacing the traditional barcode systems. Low-cost RFID tags are anticipated to be widely used in our daily life. However, owing to the radio transmission nature of RFID, the information transmitted in the air could easily be eavesdropped on, intercepted, or modified. Because low-cost RFID tags are with extremely limited resources, traditional security primitives can not be incorporated well. In 2007, Chien proposed the ultralightweight strong authentication and strong integrity (SASI) protocol for low-cost and very low-cost tags. The protocol is a highly efficient RFID authentication protocol using only simple bitwise operations on tags. However, the scheme is found suffering from tracking and denial of service attacks. This paper will give demonstrations on what have caused these weaknesses, and more of that, an improved protocol is also proposed which is free from worries of those possible attacks. The improved protocol could thus be applied in environments demanding high security.