Secure and scalable RFID authentication protocol

Abstract

The radio frequency identification (RFID) enables identifying an object remotely via radio waves. This feature has been used in a huge number of applications, reducing dramatically the costs in some production processes. Nonetheless, it also poses serious privacy and security risks to them. Thus, researchers have presented secure schemes that prevent attackers from misusing the information which is managed in those environments. These schemes are designed to be very efficient at the client-side, due to the limited resources of the tags. However, they should be efficient at the server-side also, because the server manages a high number of tags, i.e. any proposal must be scalable in the number of tags. The most efficient schemes are based on client-server synchronization. The answer of the tag is previously known by the server. These kind of schemes commonly suffers desynchronization attacks. We present a novel scheme with two main features: (i) it improves the scalability at the sever-side; and (ii) the level of resistance to desynchronization attacks can be configured. © 2011 Springer-Verlag.