A one round-trip ultralightweight security protocol for low-cost RFID tags

Radio Frequency Identification systems are already used in many sensitive areas, and are likely to be adopted almost everywhere. But their massive deployment implies several security and privacy issues. Moreover, low cost RFID tags have very limited storage and computational capabilities and cannot afford classic cryptographic primitives, which makes them vulnerable to several attacks. In this paper, we introduce some novelties in the field of lowcost security protocols such as the utilization of only two messages to fully complete the authentication and identification of the reader-tag. Additionally, the implementation of the pseudo random number generator (PRNG) on the server side reduces the storage and computation requirements on the tag. Furthermore, the proposed scheme protects the user's privacy and resists several attacks like malicious traceability, replay and impersonation attacks. And most importantly our protocol relies on simple bitwise operations and does not require computationally expensive cryptographic mechanisms.