Authors: Xiaowen Zhang, Qinghai Gao, Mohamed K. Saad
Addresses: Department of Computer Science, College of Staten Island, City University of New York, 2800 Victory Blvd, Staten Island, NY 10314, USA. ' Department of Security Systems, Farmingdale State College/SUNY, 2350 Broadhollow Road, Farmingdale, NY 11735, USA. ' Graduate Center, Department of Computer Science, City University of New York, 365 Fifth Ave., New York, NY 10016, USA
Abstract: Radio Frequency Identification Authentication Protocols (RFID APs) are an active research topic and many protocols have been proposed. In this paper, we consider a class of recently proposed lightweight RFID authentication protocols: CRAP, LCAP, OHLCAP, O-TRAP, YA-TRAP, and YA-TRAP+, which are claimed to be resistant to conventional attacks and suitable for low cost RFID device scenarios. We examine them using GNY logic to determine whether they can be proved to have achieved their protocol goals. We show that most of them meet their goals, though some do not. Furthermore this approach enables us to identify similarities and subtle differences among these protocols. Finally, we offer guidelines on when it is necessary to use encryption rather than hash functions in the design of RFID authentication protocols.
Keywords: low cost RFID; radio frequency identification; RFID authentication protocols; GNY logic; formal method; CRAP; LCAP; OHLCAP; O-TRAP; YA-TRAP; hash; encryption; network security.
International Journal of Security and Networks, 2010 Vol.5 No.2/3, pp.135 - 146
Available online: 17 Mar 2010 *Full-text access for editors Access for subscribers Purchase this article Comment on this article