Skip to Main Content
In this paper, we analyze storage awareness RFID authentication protocol based on sparse tree structure (SAPA), which provides backward untraceability and reduces the space for storing key sequence. We discover that SAPA does not provide location and information privacy between successful authentication sessions and does not resist denial of service attacks, forward traceability, and server impersonation. We analyze the weaknesses of SAPA and propose a new RFID authentication protocol. The proposed protocol provides better protection against privacy and security threats than those before. Our proposed protocol provides tag information privacy and tag location privacy, and resists replay attacks, denial of service attacks, backward traceability, forward traceability (under an assumption), and server impersonation with an efficient keylookup. Furthermore, our protocol has the least computation and communication load on both the tag and the server side compared to other tree based protocols.