The application of RFID technology has gently incorporated into our daily life, e.g. supply chain management, credit cards, barcodes and ticketing. Hence privacy and security in RFID have a particular emphasis inasmuch as RFID tags suffer from some inherent weaknesses. Authentication as a crucial element for all security mechanisms has been an interesting subject in recent years. In this work, we analyze a recently proposed RFID authentication protocol by Kulseng et al.  and highlight its security and privacy vulnerabilities. We show that Kulseng protocol (KWYG protocol) being vulnerable to several significant attacks like desynchronization, tag and reader impersonation and traceability attacks. Finally, we propose our protocol to eliminate the vulnerabilities with reasonable storage and computational requirements.
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
Tel.: +1 703 830 6300
Fax: +1 703 830 2300 firstname.lastname@example.org
(Corporate matters and books only) IOS Press c/o Accucoms US, Inc.
For North America Sales and Customer Service
West Point Commons
Lansdale PA 19446
Tel.: +1 866 855 8967
Fax: +1 215 660 5042 email@example.com