Modified RAP-WOTA for Preventing Man in the Middle and Replay Attacks

RFID is a technology that utilizes radio waves to communicate and transmit data. The components involved in this communication process are tag, reader, and server. These three components must verify each other to ensure the authenticity of the components. Rajaguru K. and R.C Hansdah proposed an authentication protocol called RFID Authentication Encryption Protocol Without Tag Anonymity (RAP-WOTA). The protocol is claimed to fulfill key confidentiality, message confidentiality, message authenticity, tag anonymity, de-synchronization, mutual authentication, forward secrecy, and resistant to Man-in The-Middle (MTM) and replay attacks. Although it was claimed that RAP WOTA is secure against MTM and replay attacks, an analysis of RAP-WOTA using Scyther Tool shows that RAP-WOTA is vulnerable to MTM and replay attacks. In this paper we proposed modified RAP-WOTA that prevent MTM and replay attacks by adding some nonces or timestamps. Analyzing using Scyther Tool showed that this modification is secure against MTM and replay attacks.