The Modeling and Analysis of the Strong Authentication Protocol for Secure RFID System

In the RFID security domain, various issues are related to data protection of tags, message interception over the air channel, and eavesdropping within the interrogation zone of the RFID reader (Sarma. et al., 2003; EPCglobal). This topic has been so far been dominated by the topics of data protection associated with data privacy and authentication between tag and reader. In this paper, when using RFID, two aspects on the risks imposed on the passive party are discussed. Firstly, the data privacy problem is such that storing person-specific data in a RFID system can threaten the privacy of the passive party. This party may be, for example, a customer or an employee of the operator. The passive party uses tags or items that have been identified as tags, but the party has no control over the data stored on the tags. Secondly, authentication is carried out when the identity of a person or program is verified. Then, on this basis, authorization takes place, i.e. rights, such as the right of access to data. In the case of RFID systems, it is particularly important for tags to be authenticated by the reader and vice-versa. In addition, readers must also authenticate themselves to the backend, but in this case, there are no RFID-specific security problems. To satisfy the above requirements, security protocols play an essential role. As with any protocol, the security protocol comprises a prescribed sequence of interactions between entities, and is designed to achieve a certain end. A diplomatic protocol typically involves a memorandum of understanding exchange, intended to establish agreement between parties with potentially conflicting interests. Security protocols are, in fact, excellent candidates for rigorous analysis techniques: they are critical components of distributed security architecture, very easy to express, however, extremely difficult to evaluate by hand. They are deceptively simple: literature is full of protocols that appear to be secure but have subsequently been found to fall prey to a subtle attack, sometimes years later. Cryptographic primitives are used as building blocks to achieve security goals such as confidentiality and integrity authentication. Formal methods play a very critical role in examining whether a security protocol is ambiguous, incorrect, inconsistent or incomplete. Hence, the importance of applying formal methods, particularly for safety critical systems, cannot be overemphasized. There are two main approaches in formal methods, logic based methodology (Burrows et al., 1989; Hoare, 1985), and tool based methodology (Lowe, 1997; FDR, 1999). In this paper, the hash (Sarma.