An Improved Forward Secrecy Protocol for Next Generation EPCGlogal Tag

Radio Frequency Identification (RFID) (Landt, 2001) is a prevalent technology that replaces barcode technology and it will be massively applied in both consumer and commercial products as the trend predicts. However, the computation power and memory of RFID including the EPCGlobal Gen-1 and Gen-2 RFID tags are restricted. These made the implementation of well-known cryptographic algorithms, both computational and memory intensive, on the tags not possible. Although various cryptographic privacy enhancing technologies for RFID have been proposed, they include Hash-lock approaches, Digital Signature approaches, Encryption approaches, Time Stamping approaches, Pseudonyms approaches and Challenge-response approaches, the EPCGlobal tags continue to operate in a limited security protection. The Hash-lock approach (Weis, 2003) is based on locking the tag using a hash of the key on the tag, where the key is stored in a back-end server. This approach assumes that tags can not be operated securely in a long isolated environment. This approach can be used for authentication, by matching the right hash of key. The cloning resistance is weak and enhanced techniques providing better privacy protection and scalability have been derived (An, 2005; Nohara, 2005; Wang, 2007). Digital signatures approaches (Juels, 2003; Bono, 2005; de Dormale, 2005) provide better tracing and forgery resistance of RFID during authentication process. The approaches use a PKI encryption technique to avoid static identifiers and information to be read by others. Authentication is performed by verifying data on the tag is signed using a valid public-key digital signature to check the valididty of authentication. Encryption approaches (Golle, 2004; Feldhofer, 2004; Ranasinghe, 2004; Ateniese, 2005) are similar to digital signature approaches except simplified private key standard or propriertay cryptographic algorithm is used. Time stamping approaches (Glidden, 2004; Molnar ,2005; Tsudik, 2006; Ith, 2007) are the most popular approaches which provide a dynamic matching of time information that help avoiding replay attacks. Pseudonyms approaches (Juels, 2004; Juel, 2006; Molnar, 2005; Avoine, 2005) is very similar to time stamping approaches except the dynamic information is scheduled from a predefined list of pseudo-random data called pseudonynms. Challenge-response approaches (Ree , 2005; Dimitriou, 2006; Duc, 2006; Chien, 2007) are the most secured techniques developed from multi-pass authentication process to provide a wide range of security and privacy protection. O pe n A cc es s D at ab as e w w w .in te ch w eb .o rg