The current RFID (Radio Frequency Identification, RFID) technology has been widely used in our daily life and business activities in various fields. However, many existing RFID security protocols still cannot meet the actual security needs. Constant attacks include denial of service attacks, replay attacks, and location privacy attacks and so on.
During 2009 and 2010, new RFID security protocols proposed have tried to im-prove the vulnerability of previous RFID protocols. However, we found that those new protocols still cannot avoid the above mentioned attacks, and there still exists privacy concerns regarding leakage of data. Therefore, this research analyzes related protocols in literature, their weaknesses, and proposes new mechanism to improve the weak-nesses.
The proposed new protocol in this research consider only the applications that readers of RFID are required to read and modify the application data stored in RFID tags, and that the application data is not stored in the RFID back-end database system. The new protocol uses encryption, secure hash function, and random numbers to achieve the location privacy of user tag. Since no database is needed in the new protocol, the back-end server also prevents the cost of searching the entire RFID back-end data-base. With the low cost simple authentication and encryption operations in the RFID tag, efficiency and safety are also achieved.
