Secure Indefinite-Index RFID Authentication Scheme with Challenge-Response Strategy

Authors

  • Wen Chung Kuo National Yunlin University of Science and Technology
  • Bae-Ling Chen University Road
  • Lih-Chyau Wuu National Yunlin University of Science and Technology

DOI:

https://doi.org/10.5755/j01.itc.42.2.1615

Keywords:

Radio Frequency Identification (RFID), Access Control, Mutual Authentication, Security, Privacy

Abstract

In 2011, Chen, Tsai, and Jan proposed a radio frequency identification (RFID) access control protocol for a low-cost RFID system (CTJ-scheme for short). They claimed that their scheme not only guarantees mutual authentication and location privacy but also resists man-in-the-middle, spoofed reader, and spoofed tag attacks. However, in late 2011, Chen et al. pointed out that CTJ-scheme is vulnerable to a spoofed reader attack and did not provide any protection against denial-of-service (DoS) attacks. In addition, our research also found that under Chen et al.’s spoofed reader attack, tag contents can be surreptitiously altered by replaying message. In this paper, we analyze the weaknesses of CTJ-scheme and propose an enhanced scheme. According to our analyses, the proposed scheme is secure against the aforementioned DoS, spoofed reader, and modification attacks, while maintaining the merits of the original scheme.

DOI: http://dx.doi.org/10.5755/j01.itc.42.2.1615

Downloads

Published

2013-05-31

Issue

Section

Articles