Skip to main content

Research Repository

Advanced Search

Lightweight and Practical Anonymous Authentication Protocol for RFID systems using physically unclonable functions

Gope, Prosanta; Lee, Jemin; Quek, Tony Q.S.


Prosanta Gope

Jemin Lee

Tony Q.S. Quek


Radio frequency identification (RFID) has been considered one of the imperative requirements for implementation of Internet-of-Things applications. It helps to solve the identification issues of the things in a cost-effective manner, but RFID systems often suffer from various security and privacy issues. To solve those issues for RFID systems, many schemes have been recently proposed by using the cryptographic primitive, called physically uncloneable functions (PUFs), which can ensure a tamper-evident feature. However, to the best of our knowledge, none of them has succeeded to address the problem of privacy preservation with the resistance of DoS attacks in a practical way. For instance, existing schemes need to rely on exhaustive search operations to identify a tag, and also suffer from several security and privacy related issues. Furthermore, a tag needs to store some security credentials (e.g., secret shared keys), which may cause several issues such as loss of forward and backward secrecy and large storage costs. Therefore, in this paper, we first propose a lightweight privacy-preserving authentication protocol for the RFID system by considering the ideal PUF environment. Subsequently, we introduce an enhanced protocol which can support the noisy PUF environment. It is argued that both of our protocols can overcome the limitations of existing schemes, and further ensure more security properties. By analyzing the performance, we have shown that the proposed solutions are secure, efficient, practical, and effective for the resource-constraint RFID tag.


Gope, P., Lee, J., & Quek, T. Q. (2018). Lightweight and Practical Anonymous Authentication Protocol for RFID systems using physically unclonable functions. IEEE transactions on information forensics and security, 13(11), 2831-2843.

Journal Article Type Article
Acceptance Date Apr 4, 2018
Online Publication Date May 3, 2018
Publication Date Nov 1, 2018
Deposit Date Jun 20, 2018
Publicly Available Date Jun 25, 2018
Journal IEEE Transactions on Information Forensics and Security
Print ISSN 1556-6013
Electronic ISSN 1556-6021
Publisher Institute of Electrical and Electronics Engineers
Peer Reviewed Peer Reviewed
Volume 13
Issue 11
Pages 2831-2843
Keywords Radiofrequency identification; Protocols; Authentication; Privacy; Servers; Cryptography
Public URL
Publisher URL
Contract Date Jun 25, 2018


Article (2 Mb)

Copyright Statement
© 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

You might also like

Downloadable Citations