Lightweight RFID Authentication Protocols for Special Schemes

by Xuefei Leng

RHUL-MA-2011-1

Abstract:

This thesis addresses the problem of providing secure protocols
for the practical application of low cost Radio-Frequency
Identification (RFID) tags. This is particularly challenging
because the tags are limited in cryptographic functionality and
general performance, but also when there is a need to read
multiple tags in a range of practical environments whilst
maintaining data privacy. Several protocols exist for reading
of RFID tags, either individually or within a group; however
some have design weaknesses and/or would be impractical for a
real-world implementation. The contribution of this work is
first to review and propose improvements to the security of
existing protocols for single tags and then to groups of tags.
It then goes on to propose optimised protocols, exploiting
capabilities that are common in real RFID tag systems, but are
overlooked in most theoretical protocols. For the reading of
individual tags, reference is made to the HB family of RFID
protocols and in particular the lightweight HB-MP protocol.
This thesis contributes analysis revealing that the protocol is
vulnerable to man-in-the-middle attacks and then goes on to
propose an improved version HB-MP+. For multi-tag group reading
an analysis is performed of protocols based on the yoking proof
mechanism proposed by A. Juels, identifying problems with tag
ordering and data privacy. This leads to original proposals for
improved protocols offering tag order independence, privacy,
select-response optimisations, binary tree anti-collision
groupings and simultaneous tag authentication via bit collision
processing.