In an RFID (Radio Frequency Identification) system, a tag with a unique ID is attached to an object and a reader can recognize the object by identifying the attached tag. With this identified tag ID, the reader can then retrieve the related information of the object from the backend server database. Due to the nature of RF signals, the communication between the reader and tags is vulnerable to attacks, leading to privacy and security weakness. Typical attacks include the forged-tag,

more »

... r, man-in-the-middle (MitM), tracking, replay, forward secrecy and DoS attacks. Due to the extremely small memory and very limited computation power of tags, some security schemes, like Chien and Chen's scheme, Chen and Deng's scheme, have been proposed to resist these attacks by using ultralightweight operations on tags, such as the random number generation (RNG), the pseudo random number generator (PRNG), the cyclic redundancy check (CRC), and the exclusive-or (XOR) operator. These schemes still have some flaws, though. In this article, we show two mutual authentication schemes using only ultralightweight operations conforming to the EPCglobal Class 1 Generation 2 (EPC C1G2) standard to resist aforementioned attacks and reduce the communication and/or computation overheads. We show comparisons of the two schemes and other related ones, and also show some research directions on designing good RFID reader-tag mutual authentication schemes.