A secure ECC-based mobile RFID mutual authentication protocol and its application

Mobile RFID applications combine RFID technologies and mobile device to create a new convenient application area. However, most of the applications suffer from the security issues due to insecure communication channels among tags, readers and servers. In 2012, Zhou et al. proposed an ECC-based mutual authentication protocol to promote mobile RFID applications security. However, we found their protocol faces to OTRUTS (one time reading and unlimited times service) problem, which means once a reader read the data of a certain tags from a server successfully, the reader can read it unlimited times without reading those tags again. Therefore, their protocol cannot securely support some mobile RFID applications such as the security patrolling application. In this paper, we propose a new secure ECC-based mobile RFID mutual authentication protocol for the safety of mobile RFID applications such as security patrolling.