A mutual authentication protocol for low-cost RFID tags formally verified using CasperFDR and AVISPA

Although Radio Frequency IDentification (RFID) systems offer many remarkable characteristics, security and privacy concerns are not easy to address. In this paper, we aim to overcome some of the significant privacy and security concerns by proposing a simple and lightweight RFID mutual authentication protocol. Our protocol is utilising hash functions and simple bitwise operations in an attempt to extract the strengths found in previous protocols and avoid their deficiencies. We found that the majority of the proposed protocols fail to resist DoS attacks when the attacker blocks the messages exchanged between the reader and tag more than once. Moreover, recent research focused on the security side and ignored performance. Our proposed protocol aims to solve these issues. We provide an informal analysis along with automated formal analysis using CasperFDR and AVISPA. The results show that the proposed protocol guarantees secret data secrecy and authentication under the presence of a passive adversary.