RFID tags have become ubiquitous and cheaper to implement. It is often imperative to design ultralightweight authentication protocols for such tags. Many existing protocols still rely on triangular functions, which have been shown to have security and privacy vulnerabilities. This work proposes UMAPSS, an ultralightweight mutual-authentication protocol based on Shamir’s (2,n) secret sharing. It includes mechanisms for double verification, session control, mutual authentication, and dynamic update to enhance security and provide a robust privacy protection. The protocol relies only on two simple bitwise operations, namely addition modulo 2m and a circular shift Rot(x, y), on the tag’s end. It avoids other, unbalanced, triangular operations. A security analysis shows that the protocol has excellent privacy properties while offering a robust defense against a broad range of typical attacks. It satisfies common security and the lowcost requirements for RFID tags. It is competitive against existing protocol, scoring favourably in terms of computational cost, storage requirement, and communication overhead.

Introduction

Radio Frequency Identification (RFID) brought automatic object identification by electromagnetic wave into sensor technology, requiring no physical contact, which was revolutionary. As costs steadily drop, RFID systems are increasingly deployed in varied environments, raising 5 numerous security and privacy concerns. Many works have pointed out that RFID is vulnerable to practical malicious attacks (see [1] and [2]) and security threats (see [3] and [4]). These include eavesdropping, message interception and modification, blocking, jamming, counterfeiting, spoofing, traffic analysis, man in the middle (MITM), traceability, and desynchronization attacks. Effective authentication protocols to improve robustness, reliability, and security against 10 major attacks, both passive and active, are crucial. Based on memory type, power consumption, and price, RFID tags are either high-cost or low-cost. In 2007, Chien proposed a tag classification based on computational cost and supported on-tag operations [5]. High-cost tags fall into either full-fledged or simple class. The low-cost tags are either in the lightweight or ultralightweight class. Low-cost RFID tags have 15 between 5000 to 10000 logic gates with only 250 to 3000 of them to use for security functions. It remains very challenging to deploy conventional cryptographic protocols on tags, especially the ultralightweight ones. Their typical authentication protocol uses only simple bitwise operations such as XOR, OR, AND, and rotation. This paper incorporates threshold secret sharing into ultralightweight authentication proto20 cols (UAPs) for RFID tags. We start by evaluating existing UAPs to establish the security requirements and identify common vulnerabilities. We then propose a new protocol that incorporates Shamir’s (2,n) secret sharing, henceforth (2,n) SS. There are several advantages. The (2,n) SS scheme is cheap to implement. It boosts the security of the overall system.