A light-weight authentication protocol using integer arithmetic for low-cost RFID tags

Abstract

The cost of the tag is one of the important factors to their proliferation. Designing a secure and efficient light-weight authentication protocol is imperative for resisting against all feasible attacks. In general, the low-cost tag is difficult to implement the traditional public key cryptosystem since the tag``s limited storage capacity(25-3K storage and 5-10K logic gates). Over the past years, several streams of research have emerged to resolve the RFID authentication security problem from different perspectives. Most of the previous light-weight RFID authentication protocols based on random number generator, Cyclic Redundancy Code(CRC) or bitwise operations (e.g., XOR, AND and OR)are vulnerable to both passive and active attacks [32, 31]. For instance, anyone can obtain the tag identity and secret key through the consecutive eavesdropping.[12] In this paper, we propose a light-weight and secure authentication protocol that enhances Stephane $\It{et al}$.``s [24] protocol based on a random number generator and abstract of integer arithmetic (AIA), which generates secret key pool from the subset of the remainders and the carries of the integer multiplication. We assume that the tag and the reader share the same secret $\It{K}$,$\It{AIA}$. Two parties then perform specific integer arithmetic to make message using their own $K_i$ and $AIA_i$. Then, both parties convince that they share same secret key from exchanging their messages. We consider two different situation as the state of the authentication session, authentication terminates normally or not. Then, if the desynchronization between the tag and the reader occurs, the tag recovers the key, it was before. Every tag is designed with a unique set of logic gates to perform the message computation so that our protocol strong to cloning attack as well as man-in-the-middle attack. Furthermore, Security properties such as man-in-the-middle attack, forgery attack, replay attack and de-synchronization, appe...