Radio Frequency Identification (RFID) is one of the most exciting and promising technology in the field of automated identification. It is expected to be deployed in a major way in the near future. One of its main advantages is it can quickly identify massive tags through radio frequencies without visual contact. This technology will be a substitution for the existing optical bar code system.
Typically, the reader together with the system is considered as a single powerful and secure participant, but tags are tiny inexpensive devices which are not secure, easy to corruption, and with little computational capabilities. For this, the study for security and privacy of RFID protocols has become a hot research topic. As far as user privacy issues concerned, we should consider the data leakage illegally from a tag and the tracking for the unique ID of a tag. To resolve this security and privacy problems, up till now, many protocols have been researched and proposed. Those protocols may have many advantages but disadvantages either, which I will discuss with.
Due to protect privacy and security of the RFID system, in this paper, I propose a robust hash-based mutual authentication protocol that fits the low-cost RFID environment. The proposed protocol provides reader-tag and tag-reader authentication and prevents active attacks. Furthermore, as tags only have hash function, exclusive-or and module operation, our protocol is simple, scalable and very feasible for low-cost RFID system compared to the previous works. I also firstly adapt GNY logic-based formal proof for the correctness of the proposed authentication protocol in order to prove the correctness of its privacy and security. The analysis of its performance compared to the other protocols is carried out in the OMNET++ simulation environment.