Secure RFID identification and authentication with triggered hash chain variants

In this paper, we propose two RFID identification and authentication schemes based on the previously proposed Triggered Hash Chain scheme by Henrici and Muller [1]. The schemes are designed to mitigate the shortcomings observed in the Triggered Hash Chain scheme and to ensure privacypreserving identification, tag-reader mutual authentication, as well as forward-privacy in the case of RFID tags that have been compromised. The first scheme uses a challenge-response mechanism to defend against an obvious weakness of the Triggered Hash Chain scheme. The second scheme uses an authenticated monotonic counter to defend against a session linking attack that the first scheme is vulnerable to. We compare the level of security offered by our proposed schemes against other previous schemes and find that the schemes perform well, while keeping within reasonable overheads in terms of computational, storage and communication requirements.