An AKARI-based Secure Communication Scheme for EPC Tags

Abstract

Due to massive advantages of short range communication technologies such as NFC and RFID, they are ubiquitously utilized in many fancy and sensitive applications. During last decade, there have been impressive endeavors to design efficient authentication protocols which can provide secure and anonymous communication for end-users. In this research, we formally analyze a recently improved authentication protocol which is proposed for RFID tags consistent with EPC Class 1 Generation 2 standard. Our analysis show that however the authors have tried to improve the original protocol and make it secure against various active and passive attacks, but still their improved version has some serious drawbacks which make it vulnerable to traceability and forward traceability privacy attacks. Our attacks are mounted in the Ouafi and Phan's RFID formal privacy model which is an extended version of Juels and Weis's well-known privacy model. Finally, we modify the structure of analyzed protocol and propose a revised version which prevents all discovered attacks.