Private and Secure Tag Access for Large-Scale RFID Systems

The performance of key authentication and the degree of privacy in large-scale RFID systems are considered by many researchers as tradeoffs. Based on how keys are managed in the system, the privacy preserving tag authentications proposed in the past can be categorized into tree-based and group-based approaches. While a tree-based approach achieves high performance in key authentication, it suffers from the issue of low privacy should a fraction of tags be compromised. On the contrary, while group-based key authentication is relatively invulnerable to compromise attacks, it is not scalable to a large number of tags. In this paper, we propose a new private tag authentication protocol based on skip lists, named randomized skip lists-based authentication (RSLA). Without sacrificing the authentication performance, RSLA provides a high privacy preserving mechanism. While RSLA provides the same level of unpredictability-based-privacy and indistinguishability-based privacy compared with other structured key management approaches, our scheme achieves the highest system anonymity with good performance in key look up and update. In addition, the simulation results match our analyses closely.