A secure self-certification mechanism of RFID

Many mechanisms of RFID certification based on cryptography theory proposed in recent years still cannot solve the transmission problem of high performance despite of some improvement achieved. Dimitriou proposed a two way certification mechanism but failed in easy to suffering from the risk of tracking attack. Beside, Lv also found that the solutions of Dimitriou still have a common weakness on the traceability of the tag, and proposed a modified mechanism to correct this weakness. Unfortunately, Lv´s method cannot finish certification process without a server and likely to suffering from DoS (Denial of Service) attack. In order to modify Lv´s protocol, this research presents a self-certification mechanism of RFID depending on the elliptic curve discrete logarithm problem (ECDLP) and one way hash function, this approach achieves anti-tracking from various attacks during communication. The proposed protocol includes two phases of initialize phase and certification phase. In initialize phase, the database server transmits the RFID system key K to the reader/tag, the reader does not need to connect with database server for continuation of certification procedure. The reader calculates and verifies Z´= X⊕h(mR) according to the parameter he/she received, and the tag also calculates and verifies Y=h(mR)⊕h(mS)⊕h(mT) according to the parameter he/she received. The proposed mechanism has two advantages: (1) it can reach self certification without relying on database server which is easily suffer from DoS attack. (2) It provides better performance and suitable for a passive tag which is a weak computational device with limited memory. The proposed mechanism can not only promotes the safety protection but also improves the operation efficiency.