Cyclic group based mutual authentication protocol for RFID system

TL;DR

This paper introduces a cyclic group-based RFID authentication protocol that enhances privacy and reduces server search complexity using simple operations, without pseudo-random generators, and demonstrates high privacy preservation through simulations.

Contribution

The proposed RFID authentication scheme is novel in using cyclic groups and simple bitwise operations, improving privacy and efficiency over existing methods.

Findings

High privacy level maintained even with compromised tags

Scheme resists common RFID attacks

Simulation results confirm low information disclosure

Abstract

Widespread deployment of RFID system arises security and privacy concerns of users. There are several proposals are in the literature to avoid these concerns, but most of them provides reasonable privacy at the cost of search complexity on the server side. The search complexity increases linearly with the number of tags in the system. Some schemes use a group based approach to solve the search complexity problem. In this paper, we proposed a group based authentication protocol for RFID system which is based on some characteristics of cyclic groups. The scheme uses only bitwise XOR and mod operation for the computational work. Also, the scheme does not use any pseudo-number generator on the tag-side. We use two benchmark metric based on anonymity set to measure the privacy level of the system when some tags are compromised by an adversary. We present some simulation results which show that the scheme preserves high level of privacy and discloses very less amount of information when some tags are compromised. Furthermore, it's formal and informal analysis shows that our scheme preserves information privacy as well as un-traceability and also withstand against various well known attacks.