English

RFID Authentication Against an Unsecure Backend Server

Cryptography and Security 2014-05-01 v2

Abstract

This paper address a new problem in RFID authentication research for the first time. That is, existing RFID authentication schemes generally assume that the backend server is absolutely secure, however, this assumption is rarely tenable in practical conditions. It disables existing RFID authentication protocols from being safely applied to a reallife scenario in which the backend server is actually vulnerable, compromised or even malicious itself. We propose an RFID authentication scheme against an unsecure backend server. It is based on hash chain, searching over encrypted data, and coprivacy, defending against the privacy revealing to the backend server. The proposed scheme is scalable, resistant to desynchronization attacks, and provides mutual authentication in only three frontend communication steps. Moreover, it is the first scheme meeting the special security and privacy requirement for a cloud-based RFID authentication scenario in which the backend server is untrustworthy to readers held by cloud clients.

Keywords

Cite

@article{arxiv.1304.1318,
  title  = {RFID Authentication Against an Unsecure Backend Server},
  author = {Wei Xie and Chen Zhang and Quan Zhang and Chaojing Tang},
  journal= {arXiv preprint arXiv:1304.1318},
  year   = {2014}
}

Comments

This paper has been withdrawn by the author due to a crucial sign error

R2 v1 2026-06-21T23:53:47.508Z