Muhammad, Fazal, Badshah, Akhtar, Ai, Xin, Waqas, Muhammad ORCID: https://orcid.org/0000-0003-0814-7544, Khan, Jalal, Vasilakos, Athanasios V. and Song, Houbing (2025) Desynchronization-resistant anonymous authentication protocol for RFID systems utilizing physically unclonable functions. IEEE Internet of Things. ISSN 2327-4662 (doi:10.1109/JIOT.2025.3645565)

Preview

PDF (Author's Accepted Manuscript) 52020 WAQAS_Desynchronization-Resistant_Anonymous_Authentication_Protocol_For_RFID_Systems_(AAM)_2025.pdf - Accepted Version Download (1MB) | Preview

Abstract

Radio frequency identification (RFID) systems are an indispensable part of many critical Internet of Things (IoT) applications, including supply chain management and access control. Ensuring strong security in these systems is critical to safeguarding sensitive information and protecting user privacy. In recent years, in order to meet the diversified security needs of RFID systems, authentication and key protocols based on physical unclonable functions (PUFs) have received wide attention. Nevertheless, existing protocols typically require RFID tags to pre-store an excessive number of secret credentials and impose considerable computational and communication overheads, which prove challenging for resource-constrained RFID tag. Additionally, certain lightweight protocols fall short of achieving their intended security and functional objectives, exhibiting insufficient anonymity and untraceability, and vulnerability to desynchronization attacks. To address these critical challenges, this paper first proposes a lightweight anonymous authentication and key agreement protocol designed for an ideal PUF environment. The proposed protocol integrates the arbiter PUF with cryptographic hash functions, providing robust resistance to potential attacks while minimizing system overhead. Subsequently, an enhanced protocol specifically tailored for noisy PUF scenarios is presented. This protocol employs a fuzzy extractor to reliably derive stable keys from noisy PUF responses, thereby mitigating the instability caused by inherent noise. Through comprehensive security analysis and formal verification, as well as performance evaluations compared with existing state-of-the-art protocols, both protocols are demonstrated to overcome the limitations of prior protocols and provide efficient and practically feasible solutions well suited for resource-constrained RFID environments.

Fazal Muhammad; Akhtar Badshah; Xin Ai; Muhammad Waqas; Jalal Khan; Athanasios V. Vasilakos

Item Type:	Article
Additional Information:	“© 20XX IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.”
Uncontrolled Keywords:	RFID systems, Internet of Things (IoT), physically unclonable functions (PUFs), authentication, key agreement.
Subjects:	Q Science > Q Science (General) Q Science > QA Mathematics Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Faculty / School / Research Centre / Research Group:	Faculty of Engineering & Science Faculty of Engineering & Science > School of Computing & Mathematical Sciences (CMS)
Last Modified:	19 Dec 2025 10:39
URI:	https://gala.gre.ac.uk/id/eprint/52020

Actions (login required)

View Item

Downloads