The Lightweight RFID Grouping-Proof Protocols with Identity Authentication and Forward Security

In many fields, multiple RFID tags are often combined into a group to identify an object. An RFID grouping-proof protocol is utilized to prove the simultaneous existence of a group of tags. However, many current grouping-proof protocols cannot simultaneously provide privacy preserving, forward security, and the authentication between reader/verifier and tags, which are vulnerable to trace attack, privacy leakage, and desynchronization attack. To improve the secure performance of the current grouping-proof protocols, we propose two provable lightweight grouping-proof protocols that provide forward security, identity authentication, and privacy preserving. Our protocols involve a trusted reader and an untrusted reader, respectively. In order to avoid verifying some invalid evidences, our protocols complete the authentication of the verifier to the trusted reader and the verified tags before the verifier verifies the grouping-proof evidence. Each tag uses parallel mode to complete its signature to improve the efficiency of the protocols. Moreover, the activate-sleep mechanism and the filtering operation are proposed to effectively reduce the collision probability and computing load of tags. Our protocols complete the authentication to tags twice by a verifier and a trusted reader, respectively. They can resist various attacks such as eavesdropping, replay, trace, and desynchronization. The protocols are proven to be secure, flexible, and efficient. They only utilize some lightweight operations. Therefore, they are very suitable to the low-cost RFID systems.

An Enhanced and Resource-Aware RFID Multitag Grouping Protocol

Several grouping proof protocols were presented to meet the security requirements of Radio Frequency Identification Systems. Nevertheless, these protocols were shown to be vulnerable to various attacks. In this work, we cryptanalyze one of the newest grouping proof protocols. Through this analysis, we show the weaknesses of the protocol and launch a full-disclosure attack to disclose all secrets in the protocol. We show that the probability of success of the protocol is one and that increasing the length of the strings adds little complexity to the attack. We follow this by proposing an enhanced version of the protocol with better overall security. We show its efficiency by providing a security and performance analysis and comparing it with some of the existing protocols in the literature.

Novel Designated Ownership Transfer with Grouping Proof

In the supply chain management literature, various mobile radio frequency identification (RFID) protocols have been proposed for minimizing cargo theft during transport while ensuring the integrity of the entire cargo load or transferring ownership of a tagged item to another owner. These protocols are generally called grouping proof protocols and ownership transfer protocols, respectively. However, no protocol has been proposed that can achieve both requirements. In this paper, we propose a novel designated ownership transfer with grouping proof protocol that simultaneously generates grouping proofs and authenticates the consistency between the receipt proof and pick proof while ensuring that ownership of the cargo is transferred to the new designated owner in one attempt. In addition, the proposed scheme is robust against attacks (such as replay, denial-of-service, and denial-of-proof attacks) and has security features, such as forward/backward secrecy and message integrity.