CRFID: An RFID system with a cloud database as a back-end server

Radio-frequency identification (RFID) systems can benefit from cloud databases since information on thousands of tags is queried at the same time. If all RFID readers in a system query a cloud database, data consistency can easily be maintained by cloud computing. Privacy-preserving authentication (PPA) has been proposed to protect RFID security. The time complexity for searching a cloud database in an RFID system is O(N), which is obviously inefficient. Fortunately, PPA uses tree structures to manage tags, which can reduce the complexity from a linear search to a logarithmic search. Hence, tree-based PPA provides RFID scalability. However, in tree-based mechanisms, compromise of a tag may cause other tags in the system to be vulnerable to tracking attacks. Here we propose a secure and efficient privacy-preserving RFID authentication protocol that uses a cloud database as an RFID server. The proposed protocol not only withstands desynchronizing and tracking attacks, but also provides scalability with O(log N) search complexity. (C) 2013 Elsevier B.V. All rights reserved.