Abstract
Mobile Radio Frequency Identification (RFID) systems are emerging as a fundamental part of modern smart environments, enabling automatic identification, tracking, and data exchange among different mobile platforms. While these systems are increasingly being adopted, they have a major drawback: an RFID tag has very little computational power, and the wireless communication channels can be attacked by adversaries. Several authentication and key management mechanisms to protect data and provide secure access have been proposed to solve these problems. In this study, we propose a new scheme that improves system security through explicit three-party mutual authentication, epoch-based pseudonym indexing for O(1) server lookup, and comprehensive resiliency against replay, impersonation, and man-in-the-middle attacks. An in-depth security analysis, along with performance evaluation, substantiates that the proposed protocol improves privacy and resilience without losing compatibility with low-cost RFID tags equipped only to perform lightweight cryptographic functions. This protocol also provides epoch-based unlinkability and is well suited for large-scale deployments, as found in healthcare, logistics, and Internet of Things (IoT) applications.
IPC Classification
Keywords
€ 4.00