Improvement of minimum disclosure approach to authentication and privacy in RFID systems

RFID facilitates automatic identification, tracking, and handling of objects, human beings, and animals through the use of radio-frequency based communications. The performance of RFID depends on tag, reader, and server equipment that make use of radio waves in order to establish communications between each other. The economic transfers are among the primary objectives of RFID, though these days, other sectors within the industry benefit from it. Nonetheless, the major concern in RFID systems relates to their security and privacy. Up to now, several protocols have been introduced on tag and reader identification but the majority of them suffer from shortcomings. In 2012, Doss et al. proposed a lightweight protocol based on minimum disclosure that guaranteed the safety of communications between tag-reader and reader-server channels. In the current study, it has been shown that this protocol is prone to replay attack. In other words, attackers can authenticate themselves to the server as a legal reader or a legal tag. Therefore, an improvement has been proposed in the current article to make the protocol more resistant against attacks.