Game-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags

Document Type : Research Article


1 MSc Student, Department of Electrical Engineering, Shahed University, Tehran, Iran

2 Assistant Professor, Department of Electrical Engineering, Amirkabir University of Technology, Tehran, Iran


The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and the privacy of a new RFID authentication protocol proposed by Shi et al. in 2014. We prove that although Shi et al. have tried to present a secure and untraceable authentication protocol, their protocol still suffers from several security and privacy weaknesses which make it vulnerable to various security and privacy attacks. We present our privacy analysis based on a well-known formal privacy model which is presented by Ouafi and Phan in 2008. Moreover, to stop such attacks on the protocol and increase the performance of Shi et al.’s scheme, we present some modifications and propound an improved version of the protocol. Finally, the security and the privacy of the proposed protocol were analyzed against various attacks. 


J. Banks, M. Pachano. L. Thompson, and D. Hanny, RFID applied, John Wiley & Sons, Inc., 2007.
D. He, and Sh. Zeadally, “An Analysis of RFID Authentication Schemes for Internet of Things in Healthcare Environment Using Elliptic Curve Cryptography,” IEEE Internet of Things Journal, vol. 2, no. 1, pp. 72 - 83 , 2015.
M.H. Ok, and G. Uiwang, “A location tracking by RFID to assist the transportation vulnerable in
subway stations,” in 11th WSEAS International Conference on Mathematical methods and computational techniques in electrical engineering, 2009.
L. Ruiz-Garcia, and L. Lunadei, “The role of RFID in agriculture: Applications, limitations and challenges,” Computers and Electronics in Agriculture, vol. 79, no. 1, pp. 42-50, 2011.
M. L. Ng, K. S. Leong, D. M. Hall, and P. H. Cole, “A small passive UHF RFID tag for livestock identification,” in IEEE International Symposium on Microwave, Antenna, Propagation and EMC Technologies for Wireless Communications, 2005.
P. Picazo-Sanchez, N. Bagheri, P. Peris-Lopez, and J. E. Tapiador, “Two RFID Standard-based Security protocols for healthcare environments,” Journal of Medical Systems, vol. 37, no. 5, pp. 1-12, 2013.
S. Maharjan, “RFID and IOT: An overview,” Simula Research Laboratory University of Oslo, 2010.
H. Gross, E. Wenger, H. Martín, and M. Hutter, “PIONEER: a Prototype for the Internet of Things Based on an Extendable EPC Gen2 RFID Tag,” in Radio Frequency Identification: Security and Privacy Issues, pp. 54-73, 2014.
L. Yang, P. Yu, W. Bailing, Q. Yun, B. Xuefeng, and Y. Xinling, “Hash-based RFID mutual authentication protocol,” International Journal of Security & Its Applications, vol. 7, no. 3, 2013.
D. Henrici, “RFID Security and privacy: concepts, protocols and architectures,” Lecture Notes Electrical Engineering, Springer-Verlag Berlin Heidelberg, vol. 17, 2008.
EPCglobal Inc., Available:
H. Gross, E. Wenger, H. Martín, and M. Hutter, "PIONEER: a Prototype for the Internet of Things Based on an Extendable EPC Gen2 RFID Tag," in Radio Frequency Identification: Security and Privacy Issues, pp. 54-73, 2014.
H. Hada, and J. Mitsugi, “EPC based internet of things architecture,” in IEEE International Conference on RFID-Technologies and Applications (RFID-TA), 2011.
B. Hameed, I. Khan, F. Durr, and K. Rothermel, “An RFID based consistency management framework for production monitoring in a smart real-time factory,” in 2rd International Conference on the Internet of Things (IOT), Tokyo, 2010.
T. C. Yeh, Y. J. Wanga, T. Ch. Kuo, and S. S. Wanga, “Securing RFID systems conforming to EPC Class 1 Generation 2 standard,” Expert Systems with Applications, vol. 37, p. 7678–7683, 2010.
M.H. Habibi, M. R. Alaghband, and M. R. Aref, “Attacks on a lightweight mutual authentication protocol under EPC C-1 G-2 standard,” in Information Security Theory and Practice. Security and Privacy of Mobile Devices in Wireless Communication, Springer, 2011, pp. 254-263.
E.-J. Yoon, “Improvement of the securing rfid systems conforming to EPC Class 1 Generation 2 standard,” Expert Syst. Appl., vol. 39, no. 11, p. 1589–1594, 2012.
S. M. Alavi, K. Baghery, B. Abdolmaleki, and M. R. Aref, “Traceability analysis of recent RFID authentication protocols,” Wireless Personal Communications Journal, DOI 10.1007/s11277-015-2469-0, March 2015.
A. Mohammadali, Z. Ahmadian, and M. R. Aref, “Analysis and Improvement of the securing RFID systems conforming to EPC Class 1 Generation 2 standard,” IACR Cryptology ePrint Archive, vol. 66, pp. 1-9, 2013.
F. Xiao, Y. Zhou, J. Zhou, H. Zhu, and X. Niu, “Security protocol for RFID system conforming to EPC-C1G2 standard,” Journal of Computers, vol. 8, no. 3, pp. 605-612, 2013.
Z. Shi, Y. Xia, Y. Zhang, Y. Wang, and J. Dai, “A CRC-based lightweight authentication protocol for EPCglobal Class-1 Gen-2 tags,” in 14th International Conference on Algorithms and Architectures for Parallel Processing (ICA3PP), 2014.
I. Coisel, and T. Martin , “Untangling RFID privacy models,” Journal of Computer Networks and Communications, pp. 1-26, 2013, DOI:10.1155/2013/710275.
S. M. Alavi, B. Abdolmaleki, and K. Baghery, “Vulnerabilities and improvements on HRAP+, a hash-based RFID authentication protocol,” Advances in Computer Science: an International Journal, vol. 3, no. 6, pp. 51-56, 2014.
Z. Sohrabi-Bonab, M. R. Alagheband, and M. R. Aref, “Formal cryptanalysis of a CRC-based RFID authentication protocol,” in The 22nd Iranian Conference on Electrical Engineering (ICEE 2014), Tehran, 2014.
G. Avoine, “Adversarial model for radio frequency identification,” Cryptology ePrint Archive, report 2005/049., 2005.
C. H. Lim, and T. Kwon, “Strong and robust RFID authentication enabling perfect ownership transfer,”
In Proceedings of ICICS ’06, LNCS 4307 , pp. 1-20, 2006.
A. Juels, and S.A Weis, “Defining strong privacy for RFID,” in Proceedings of PerCom ′07, pp. 342–347. , 2006.
K. Ouafi and R. C.-W. Phan, “Privacy of recent RFID authentication protocols,” in 4th International Conference on Information Security Practice and Experience, Springer, 2008.
R. H. Deng, Y. Li, M. Yung, and Y. Zhao, “A new framework work for RFID privacy,” in 15th European Symposium on Research in Computer Security (ESORICS), Athens, 2010.
D. Moriyama, S. Matsuo, and M. Ohkubo, “Relation among the security models for RFID authentication,” in In 17th European symposium on research in computer security, pp. 661–678, 2012.
S. Vaudenay, “On privacy models for RFID,” in ASIACRYPT 2007, LNCS 4833, pp. 68–87., 2007.
H. Y. Chien, and C. H. Chen, “Mutual authentication protocol for RFID confirming to EPC Class 1 Generation 2 standards,” Computer Standards & Interfaces, vol. 29, no. 2, pp.254-259, 2007.
L. Pang, H. Li, L. He, A. Alramadhan, and Y. Wang, “Secure and efficient lightweight RFID authentication protocol based on fast tag indexing,” International Journal of Communication Systems, vol. 27, no. 11, pp. 3244-3254, 2014.
M. Safkhani and N. Bagheri, “For an EPC-C1G2 RFID compliant Protocol, CRC with Concatenation: No; PRNG with Concatenation: Yes,” Cryptology ePrint Archive, Report 2013/490, 2013
Yeh T C, Wanga Y J, Kuo T C, Wanga S S, “Securing RFID systems conforming to EPC Class 1 Generation 2 standard,” Expert Systems with Applications, 37 :7678–7683, 2010.
Wang S, Liu S, Chen D, “Security analysis and improvement on two RFID authentication protocols,” Wireless Personal Communications DOI 10.1007/s11277-014-2189-x, 2014.