Author(s)

Zhicai Shi, Shitao Ren, Fei Wu, Changzhi Wang

School of Electronic & Electrical Engineering, Shanghai University of Engineering Science, Shanghai, China.

The low-cost RFID tags have very limited computing and storage resources and this makes it difficult to completely solve their security and privacy problems. Lightweight authentication is considered as one of the most effective methods to ensure the security in the RFID system. Many light-weight authentication protocols use Hash function and pseudorandom generator to ensure the anonymity and confidential communication of the RFID system. But these protocols do not provide such security as they claimed. By analyzing some typical Hash-based RFID authentication protocols, it is found that they are vulnerable to some common attacks. Many protocols cannot resist tracing attack and de-synchronization attack. Some protocols cannot provide forward security. Gy?z? Gódor and Sándor Imre proposed a Hash-based authentication protocol and they claimed their protocol could resist the well-known attacks. But by constructing some different attack scenarios, their protocol is shown to be vulnerable to tracing attack and de-synchronization attack. Based on the analysis for the Hash-based authentication protocols, some feasible suggestions are proposed to improve the security of the RFID authentication protocols.

RFID, Authentication Protocol, Vulnerability, Hash Function, Security and Privacy

Shi, Z. , Ren, S. , Wu, F. and Wang, C. (2016) The Vulnerability Analysis of Some Typical Hash-Based RFID Authentication Protocols. Journal of Computer and Communications, 4, 1-9. doi: 10.4236/jcc.2016.48001.