On Existence Proofs for Multiple RFID Tags

Abstract

The ability to securely authenticate RFID (radio-frequency identification) tags is of paramount importance in RFID-tagged applications where the integrity of the system as well its security can be compromised by an adversary. RFID tags have resource constraints including limited memory and processing capacity which restrict utilization of cryptographic primitives that have been used in other applications. We consider the case where two or more RFID tags need to be simultaneously scanned. Juels (2004) provided a proof for the simultaneous existence of two RFID tags. Saito and Sakurai (2005) later showed the proof described in Juels (2004) to be vulnerable to `replay attack', and proposed new proofs to alleviate this problem. However, the proofs provided by Saiko and Sakurai (2005) are not immune to `replay attack.' We propose a modified proof and provide its security analysis