Protect mobile RFID location privacy using dynamic identity

To protect data and location privacy of an RFID user, the transmitted sensitive information of RIFD tags must be encrypted and unpredictable. The previous approaches to protect user privacy for RFID are classified into authentication-based schemes, encryption-based schemes, and dynamic identity schemes. However, authentication-based schemes are easily broken. Because low-cost RFID tags are not tamper-resistant, the key for the authentication protocol cannot be well protected. Encryption-based schemes can protect data privacy but location privacy is still vulnerable due to fixed cipertext. Although dynamic identity schemes have chance to overcome the previous problems, but dynamic identity schemes are limited by exhaustive search problem. And, the cost of RFID tags is very limited. In this paper, we proposed a lightweight dynamic identity based RFID authentication scheme to protect both data privacy and location privacy. And we use the GNY logic analysis to show the proposed scheme can against threats of replay attacks, spoofing, man-in-the-middle, and message loss.