Ultralightweight RFID Reader-Tag Mutual Authentication Revisited

Yu Chung Huang, Jehn Ruey Jiang

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review


The RFID (Radio Frequency Identification) technology plays an important role of providing mobile services in Internet of Things (IoT) environments. In an RFID (Radio Frequency Identification) system, a tag with a unique ID is attached to an object and a reader can recognize the object by identifying the attached tag. With this identified tag ID, the reader can then retrieve the related information of the object from the backend server database and even access IoT-aware services associated with the object. Due to the nature of RF signals, the communication between the reader and tags is vulnerable to attacks. Typical attacks include the man-in-the-middle (MitM), replay, forward secrecy, denial of service (DoS), and impersonation attacks. Due to the extremely small memory and very limited computation power of tags, some RFID reader-tag mutual authentication schemes, like Huang and Jiang's scheme, Yi et al.'s scheme and Khedr's scheme, have been proposed to resist these attacks by using on-tag ultra lightweight operations, such as the random number generation (RNG), the pseudo random number generator (PRNG), the cyclic redundancy check (CRC), the exclusive-or (XOR), and lightweight cryptographic hash function (LHash) operations. These schemes still have some flaws, though. This paper proposes an improved mutual authentication scheme using only ultra lightweight operations to resist more attacks and/or achieve lower communication, computation, and tag memory overheads.

Original languageEnglish
Title of host publicationProceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015
EditorsJia Zhang, Onur Altintas
PublisherInstitute of Electrical and Electronics Engineers Inc.
Number of pages8
ISBN (Electronic)9781467372848
StatePublished - 26 Aug 2015
Event3rd IEEE International Conference on Mobile Services, MS 2015 - New York, United States
Duration: 27 Jun 20152 Jul 2015

Publication series

NameProceedings - 2015 IEEE 3rd International Conference on Mobile Services, MS 2015


Conference3rd IEEE International Conference on Mobile Services, MS 2015
Country/TerritoryUnited States
CityNew York


  • hash
  • Internet of Things (IoT)
  • mutual authentication
  • privacy
  • Radio Frequency Identification (RFID)
  • security


Dive into the research topics of 'Ultralightweight RFID Reader-Tag Mutual Authentication Revisited'. Together they form a unique fingerprint.

Cite this