Cryptanalysis and improvement of two new RFID protocols based on R-RAPSE

Abstract

RFID (Radio Frequency IDentification) is a pioneer technology which has depicted a new lifestyle for humanity. Nowadays we observe an increase in the number of RFID applications and no one can ignore their numerous usage. An important issue with RFID systems is providing privacy requirements of these systems during authentication. Recently in 2014, Cai et al. proposed two improved RFID authentication protocols based on R-RAPS (RFID Authentication Protocol Security Enhanced Rules). We investigate the privacy of their protocols based on Ouafi and Phan privacy model and show that these protocols cannot provide private authentication for RFID users. Moreover, we show that these protocols are vulnerable to impersonation, DoS and traceability attacks. Moreover, we present two improved efficient and secure authentication protocols to ameliorate the performance of Cai et al.’s schemes. Our analysis illustrates that the existing weaknesses of the discussed protocols are eliminated in our proposed protocols.