Skip to Main Content
Radio Frequency Identification (RFID) is a technology that enables the non-contact, automatic and unique identification of objects using radio waves. Its use for commercial applications has recently become attractive with RFID technology seen as the replacement for the optical barcode system that is currently in widespread use. RFID has many advantages over the traditional barcode and these advantages have the potential to significantly increase the efficiency of decentralised business environments such as logistics and supply chain management. One of the important features of an RFID system is its ability to search for a particular tag among a group of tags. In order to ensure the privacy and security of the tags, the search has to be conducted in a secure fashion. To our knowledge not much work has been done in this secure search area of RFID. The limited work that has been done does not comply with the EPC Class-1 Gen-2 standards since most of them use expensive hash operations or sophisticated encryption schemes that cannot be implemented on low-cost passive tags that are highly resource constrained. Our work aims to fill this gap by proposing a serverless ultra-lightweight secure search protocol that does not use the expensive hash functions or any complex encryption schemes but achieves compliance with EPC Class-1 Gen-2 standards while meeting the required security requirements. Our protocol is based on XOR encryption and random numbers - operations that are easily implemented on low-cost RFID tags. Our protocol also provides additional protection using a blind-factor to prevent tracking attacks. Since our protocol is EPC Class-1 Gen-2 compliant it makes it possible to implement it on low-cost passive RFID tags.