Radio frequency identification (RFID) authentication is an indispensable part of RFID applications, which allows a reader to identify objects in an authenticated manner. Recently, Liao and Hsiao proposed a very interesting elliptic curve cryptography-based RFID authentication scheme with ID-verifier transfer protocol. They claimed that the proposed protocol is secure against many attacks and satisfies essential security requirements of RFID systems. However, in this paper, we demonstrate that the protocol suffers from several attacks, in contrast to their original claims in the paper. Furthermore, we also propose a repaired version of the authentication protocol against identified attacks, and we provide formal security proofs.
- Applied cryptography
- RFID security