Gyozo Godor and Sandor Imre Pages 5 - 19 ( 15 )
Background: Radio Frequency Identification (RFID) technology is becoming ubiquitous, more and more applications use this technique. Most of them are applied for access control, supply chain or animal tagging, however, there are some, which stores confidential data about its owner (e.g., passport, credit card). Therefore, serious considerations should be given to the security issues according to the RFID systems. Since these systems have low computational capacity and limited memory, the most obvious solution is the so-called lightweight authentication protocol family.Method: In this paper, we point out the weaknesses of the RFID systems and the typical attack methods are described. Some significant lightweight solutions, which were developed in the recent years, are presented, moreover, their brief security analysis is presented. Taking into account the results of the study, we designed a novel authentication protocol. Results: We introduce our novel hash-based mutual authentication protocol, which ensures secure and efficient communication between the tags and reader. Additionally, we give a detailed security analysis of our protocol and we show the effects of different parameters of the system on the authentication time. Finally, the proposed solution and some state-of-the-art protocols were implemented in OMNeT++ simulation environment in order to make a detailed comparison on performance and security. Conclusion: The trade-off between performance and security should be taken into account in order to ensure the best solution for a given application. Our proposed protocol provides the highest security features, it resists against the typical attacks that can be executed in RFID system, while its performance is slightly lower, compared to the other presented algorithms, so its performance satisfies most of the practical usages.
RFID, authentication, lightweight, security, performance, simulation.
Department of Networked Systems and Services, Faculty of Electrical Engineering and Informatics, Budapest University of Technology and Economics, P.O. Box: H-1111, Budapest, Department of Networked Systems and Services, Faculty of Electrical Engineering and Informatics, Budapest University of Technology and Economics, Budapest