ACSP: A novel security protocol against counting attack for UHF RFID systems

Current research on UHF RFID system security mainly focus on protecting communication safety and information privacy between a pair of specific tags and its corresponding interrogation reader. However, instead of stealing detailed private information of tags, adversaries may just want to estimate the cardinality of tags, which is named counting attack. Unfortunately, most existing protocols are vulnerable to counting attack. To defend against this attack, in this paper we propose ACSP, a novel Anti-Counting Security Protocol. ACSP employs session identifier and provides a corresponding authentication metric to verify the commands sent by the reader. To handle counting attack, ACSP periodically updates the session identifier, and securely identifies tags with encryption. We evaluate the performance of ACSP through theoretical analysis and qualitative comparison. Results show that ACSP can efficiently withstand counting attack as well as defending against regular security threats as existing protocols. (C) 2011 Elsevier Ltd. All rights reserved.