Secure and efficient mutual authentication protocol for RFID conforming to the EPC C-1 G-2 Standard

As low-cost tags based on the EPC C-1 G-2 standard are much limited in storage capacity and computation power, most of the existing authentication protocols are too complicated to be suitable for these tags, and the design of authentication protocols conforming to the EPC C-1 G-2 standard is a big challenge. Recently, a mutual authentication protocol for RFID conforming to the EPC C-1 G-2 standard was proposed by Yeh et al., and it is claimed that this protocol has solved all security vulnerabilities in the existing RFID protocols. However, in fact, it is proven that this scheme is vulnerable to the tag tracing attack and suffers from the information leakage issue, and the complexity of the successful attack is only 2(16). To address these issues efficiently, a novel secure RFID authentication protocol conforming to the EPC C-1 G-2 standard is proposed. In the new scheme, the attack complexity is raised to 2(32) without changing the length of any protocol data. Analysis shows that our protocol can not only efficiently resist the tag information leakage and the tag tracing attack, but also have a significant advantage in performance over Yeh et al.'s protocol.