A Full Scale Authentication Protocol for RFID Conforming to EPC Class1 Gen2 Standard

Abstract

The low cost RFID tags can be applied in new applications", "and interest more different groups of suppliers and end users, But the most important problem of low cost RFID system is that unauthorized readers can access to tag information and illegal tags can be authorized by legal readers, which should be potential to produce privacy and security problem. EPC Class1 Gen2 standard can be considered as a universal specification for low cost RFID tags, but it does not pay more attention to security. Recently some compliant to low cost RFID tags authentication protocols are proposed in the literature, but many of them do not guarantee security and privacy. Those protocols do not consider that the tags' electronic product code usually has 96 bits, and directly use 16 bit CRC and 16-bit PRNG, so it does not guarantee the unequivocal identification of tagged items. Our protocol not only overcomes the weakness of the previous proposed protocols to guarantee the security and privacy, but also reduces database searching time and guarantees the synchronization between the readers and the tags. Furthermore, we analyze the proposed protocol in terms of security and performance, and it shows that the proposed protocol is effective and efficient.