Abstract:
In some applications, it is often needed to simultaneously transfer the ownership of a group of RFID (radio frequency identification) tags in a session. However, most of the existing group ownership transfer schemes for RFID tags generally require the support of a trusted third party, and they often have many security and privacy protection issues. Based on the analysis of security requirements, a secure and efficient group ownership transfer protocol for RFID tags is designed. The new protocol supports simultaneous ownership transfer of a group of RFID tags without a trusted third party. Then, in the UC(universally composable) framework, an ideal functionality capturing the secure group ownership transfer for RFID tags is formally defined, and it is proved that the new protocol realizes the above defined ideal functionality. Compared with the existing group ownership transfer protocols for RFID tags, the new protocol provides the security and privacy properties such as anonymity, untraceability, mutual authentication, authorized access, resistance to de-synchronization attack, forward privacy protection and backward privacy protection. Meanwhile, it satisfies UC security. Furthermore, the new protocol has low computational complexity. In addition, the number of storage on the tag and the number of interaction among the entities are small.