A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function

With the fast development of the Internet of Things, Radio Frequency Identification (RFID) has been widely applied into many areas. Nevertheless, security problems of the RFID technology are also gradually exposed, when it provides life convenience. In particular, the appearance of a large number of fake and counterfeit goods has caused massive loss for both producers and customers, for which the clone tag is a serious security threat. If attackers acquire the complete information of a tag, they can then obtain the unique identifier of the tag by some technological means. In general, because there is no extra identifier of a tag, it is difficult to distinguish an original tag and its clone one. Once the legal tag data is obtained, attackers can be able to clone this tag. Therefore, this paper shows an efficient RFID mutual verification protocol. This protocol is based on the Physical Unclonable Function (PUF) and the lightweight cryptography to achieve efficient verification of a single tag. The protocol includes three process: tag recognition, mutual verification and update. The tag recognition is that the reader recognizes the tag; mutual verification is that the reader and tag mutually verify the authenticity of each other; update is supposed to maintain the latest secret key for the following verification. Analysis results show that this protocol has a good balance between performance and security.


Introduction
Radio frequency identification technology is able to recognize objects and people automatically, and it can also automatically obtain related data of recognized objects, which is the non-contract recognition technique [1]. Because of this, the recognition of radio frequency identification (RFID) does not only need the artificial interference, but also work well in the severe environment. Recently, most RFID systems are based on the electric induction [2]. Attaching a RFID tag on an object, which involves the information of this object, the dedicated recognition terminal can recognize this attached object through reading the tag. In addition, since RFID products read data does not require light source and can pass through external material, and the service life is durable, compared with bar code, RFID products have more advantages [3].
By now, RFID has been used into many areas, such as supply chain management, electric passport, credit card, driving license [4,5], vehicle system (charging system, keyless entry systems), entrance guard card (building gate, public transport) and health care. Especially, in the USA, Japan, and other developed countries, they have equipped with advanced and mature RFID systems [6]. Some retailers have invested RFID technology, and also authorized RFID producers to attach tag on their goods, so that the low-budget RFID tags are pervasively produced. Wal-Mart passed a resolution, which producers must sufficiently take advantage of the RFID, attaching RFID tags on all products to reduce manpower and material resources [7].
Generally, a typical RFID framework is composed of a reader, tag and a database [8], which is shown in Figure 1. (1) Reader: The main function is to transfer energy to the tag via radio frequency and read data of tag or write data to tag [9]. In common RFID systems, reader still needs to exchange data with database. A reader is composed of the oscillating circuit, communication channel, and controller. (2) Tag: According to the self-contained power or not, tag is classified into active tag, semi-passive tag and passive tag; based on the frequency, tag is classified into low-frequency tag, high-frequency tag and ultrahigh frequency tag [10]. By various applications, the proper tags are needed to be chosen. Mechanism of RFID systems: Firstly, reader sends signals via antenna, and tag receives signal and sends internal tag data. Then, reader receives and verifies the tag data. Finally, reader sends verification result to the host computer which is connected to a database.
Because RFID has the advantages of supporting dynamic real-time communication, fast recognition, easy to read, low cost, it is widely applied into various areas. Nevertheless, when RFID brings convenience, at the same time, its security problem is gradually exposed. In detail, during a simple write and read process, especially for the read or write on a passive tag, the read or write operation will happen when tag is close to a reader with the information exchange. Later, with the existence of a large number of fake and counterfeit RFID products, although researchers continuously find anti-fake measures, it is unable to completely eradicate them. Fake and counterfeit products make massive loss for world politics, economy, and culture, it has been a worldwide problem [11]. Clone tag is a kind of serious security threat for RFID systems. If attackers acquire the complete information of a tag, they could be able to obtain the unique identifier. In addition of this identifier, tag has no other identify, clone tag is therefore difficult to distinguish from the real one. In addition, as long as the legal tag data is obtained, attacker can launch such copy or clone attack.
In this case, researchers have taken measures to defend against clone attack, such as tag deactivation, encryption algorithms [12], identify verification [13] and hash code [14]. Reference [15] showed a mutual RFID verification protocol by using the elliptic curve cryptograph (ECC), which depends on ECC to enhance the ability of anti-clone. In the literature [16], authors gave a tag encryption algorithm without storage of the secret key. Instead, it depends on the hash value stored in the host computer. Reference [17] gave another RFID verification protocol based on hash, which provides already modified identifier to increase the privacy of verification. These mentioned protocols above rely on the security code which involve tag and the host computer, as well as one-way hash function.
Since the small and limited storage space in the tag, those solutions are based on the complex encryption algorithm which is similar to the hash function and it cannot be applied into the low-cost tag [18]. In such low-cost RFID systems, the biggest challenge to guarantee the security and privacy comes from the sparse tag resource [19]. To solve this problem, some lightweight encryption algorithms without hash function are put forward, and the method to identify clone tag as well [20,21]. Lehtonen raised a method based on statistics to detect clone tag from the RFID track [22]. Zannetti showed a method to detect clone attack with the protection of privacy [23].
Another anti-clone tag method is proposed by using the PUF technique. PUF technique is a breakthrough of the semi-conductor security techniques. PUF is a "biometric" identification technique in chips, which is also called the "chip DNA" technique [24]. PUF obtains the unique secrets from each chip. This secret information can be used to verify the authenticity of a chip, in the safe-guarding and anti-counterfeiting area, PUF has great application perspective. In the production of each chip, the tiny difference among chips unavoidably exist, although the chip design and production are the same, it is impossible to produce two chips which are completely same, so that PUF techniques can enhance anti-clone function [25]. The PUF judge circuit is shown as Figure 2 [26]. In Figure 2, the circuit is a decision-based PUF delay circuit. After inputting X[0], the circuit generates two delay paths whose length are equal, and the input signal is sent to the two paths at the same time. The decision module will choose the path that the input signal first reaches the destination. If the signal which is connected to the D point arrives firstly, it will output 1, otherwise it will output 0. Different physical manufacturing processes result in different outcomes which will give rather different outputs to the same input. PUF circuit receives a search command as an input signal and produces a unique serial feedback, which is verified by command/response mechanism. Different PUF circuits have various delay features, so that their transport speed is different and time of two signals passing PUF is different. The tail of a PUF circuit is an arbiter, and is able to judge the statue of signals before and after to output "1" or "0". A same signal passing two different PUF circuits can produce different outputs, and because that input signal determines the transport rout in PUF circuit, the different input signals are corresponding to different outputs. In 2010, Kulseng proposed a lightweight mutual verification protocol based on PUF [27]. This lightweight protocol uses the PUF and linear feedback shift register (LFSR), rather than uses the complex plus and minus operations, which is very suitable for low-cost RFID tag, but it indicates the security problems of lightweight mutual verification [28].
This paper is structured as follows: section I introduces related research results about RFID security. Section 2 describes Kulseng's lightweight mutual verification protocol and the shortcomings of this protocol. Section 3 introduces our lightweight mutual verification protocol. Section 4 uses GNY logic analysis to prove the availability of our protocol. Section 5 executes the security analysis on our protocol. Section 6 simulates our lightweight mutual verification protocol and evaluate it in the experiments. Section 7 gives the performance analysis. At last, we conclude the paper.

Kulseng's Mutual Verification Protocol and Its Security Analysis
This section specifically analyses the Kulseng's mutual verification protocol based on the PUF. In this paper, it is called K protocol in the following. Some definitions of K protocol are shown in Table 1.

ID
The ID of tag FID The false ID of tag IDS The index of tag in the database PUF(X) The result of the value X processed by the PUF module in the tag The XOR operation F(X) The Permutation function K n The shared secret key by the reader and the tag P n The secret value of the tag < < < The loop left movement operation & The AND operation || The JOIN operation Figure 3 shows the Kulseng's mutual verification protocol. The specific steps are listed in the following. S1: Reader firstly sends a search request to the tag. S2: After receiving the request, the tag sends the IDS to reader. S3: After receiving the IDS from the tag, reader searches this IDS in database. If this IDS can be found, it means that the database stores this IDS, and the tag is successfully recognized and reader sends ID ⊕ G n to the tag. If not, this tag can not be recognised and the protocol stops.

Protocol Process
S4: After receiving ID ⊕ G n , by calculating ID ⊕ G n ⊕ ID to obtain G n of ID ⊕ G n sent from reader, and tag compares this with its own G n . If they are different, it means that the reader is not been verified, and the protocol stops. Otherwise, this reader is verified. The tag executes following operations: 1 Calculating following value: Calculating the following value and sending them to the reader. K n ⊕ G n+1 , K n+1 ⊕ G n+2 3 Update tag data: IDS = F(IDS ⊕ G n ), G n = G n+1 S5: After receiving K n ⊕ G n+1 , K n+1 ⊕ G n+2 , reader judges whether K n ⊕ G n+1 = F( G n ) ⊕ G n+1 or not. If not, this tag is not verified, and the K protocol stops; if it is equal, tag is verified and reader executes the following operations: 1 Calculating value of G n+2 : Updating reader data by the calculated value of G n+2 :

Data Confidentiality
Attacker firstly intercepts a complete verification process to obtain ID ⨁ G , K ⨁ G and K ⨁ G . Tag updates its data after a complete verification, and IDS = F(IDS ⨁ G ) is updated at the same time. In the next verification, attacker pretends to be a reader and sends a request to tag, and the tag sends its IDS to attacker after receiving the request from attacker, in which the IDS = F (IDS ⨁ G ). The attacker has four values: ID ⨁ G , K ⨁ G , K ⨁ G and (IDS ⨁ G ) . Here, F is the function representing Linear Feedback Shifting Register (LFSR). According to the LFSR, if the attacker knows the LFSR's characteristic polynomial and output, the attacker can know the seed of LFSR via the matrix multiplication. In this way, combining the IDS in last verification and F(IDS ⨁ G ) obtained at this time, attacker can easily know the secret key G used in the last verification, and use XOR between G and ID ⨁ G , then attacker can know the ID of tag.

Desynchronized Attack
Attack one: Intercept the last information sent by tag to reader ( K ⨁ G , K ⨁ G ). Assume attacker is intercepting a verification process, after the tag confirms the reader, tag updates its data and sends K ⨁ G , K ⨁ G to the reader. At this moment, the attacker can obtain this information without being received by the reader. Because reader cannot verify the tag, the database cannot update the corresponding secret key value to the tag, which causes the data of the tag and the database are not synchronized. In the following verification, due to the difference between G of the tag and G of the datab K ase, tag would refuse service.

Data Confidentiality
Attacker firstly intercepts a complete verification process to obtain ID ⊕ G n , K n ⊕ G n+1 and K n+1 ⊕ G n+2 . Tag updates its data after a complete verification, and IDS = F(IDS ⊕ G n ) is updated at the same time. In the next verification, attacker pretends to be a reader and sends a request to tag, and the tag sends its IDS to attacker after receiving the request from attacker, in which the IDS = F(IDS ⊕ G n ). The attacker has four values: ID ⊕ G n , K n ⊕ G n+1 , K n+1 ⊕ G n+2 and (IDS ⊕ G n ). Here, F is the function representing Linear Feedback Shifting Register (LFSR). According to the LFSR, if the attacker knows the LFSR's characteristic polynomial and output, the attacker can know the seed of LFSR via the matrix multiplication. In this way, combining the IDS in last verification and F(IDS ⊕ G n ) obtained at this time, attacker can easily know the secret key G n used in the last verification, and use XOR between G n and ID ⊕ G n , then attacker can know the ID of tag.

Desynchronized Attack
Attack one: Intercept the last information sent by tag to reader ( K n ⊕ G n+1 , K n+1 ⊕ G n+2 ). Assume attacker is intercepting a verification process, after the tag confirms the reader, tag updates its data and sends K n ⊕ G n+1 , K n+1 ⊕ G n+2 to the reader. At this moment, the attacker can obtain this information without being received by the reader. Because reader cannot verify the tag, the database cannot update the corresponding secret key value to the tag, which causes the data of the tag and the database are not synchronized. In the following verification, due to the difference between G n of the tag and G n of the datab K n ase, tag would refuse service.
Assume an attacker is intercepting a verification process, after the tag confirms the reader, tag updates its own data and sends K n ⊕ G n+1 , K n+1 ⊕ G n+2 to the reader. Then, attacker modifies K n+1 ⊕ G n+2 of the information sent to the reader, such as modifying into ( K n+1 ⊕ G n+2 ⊕ r 1 ), which is finally sent to the reader. After reader receives K n ⊕ G n+1 , K n+1 ⊕ G n+2 ⊕ r 1 , reader judges whether K n ⊕ G n+1 = F( G n ) ⊕ G n+1 or not to verify the tag. Because the attacker does not modify K n ⊕ G n+1 , reader successfully verifies the tag. After this, reader uses K n+1 ⊕ G n+2 ⊕ r 1 to execute the following operations as usual. 1 Calculating G n+2 : Using G n+2 to update reader information: This causes the desynchronization between tag data and database. In the following verification, due to the difference between G n+1 of the database and G n+1 of the tag, verification for the tag is failed.

Proposed Protocol
Due to the shortcoming of Kulseng's lightweight mutual verification protocol that is based on the PUF, we will introduce our proposed protocol in this section. Some definitions of proposed protocol are shown in Table 1 at the previous section.
In this protocol, RFID tag is embedded with the PUF module, which makes each RFID tag to produce a unique secret key based on its own circuit, so as to defend against the clone attack. Initially, each RFID tag stores three values: 1 P n = PUF(challenge), 2 FID and 3 K n . The first value is the dedicated secret value of the tag; the second value is the IDS used during the mutual verification between the tag and the host computer; the third one is the shared secret key by the reader and the tag. After each verification, the secret key P n , shared secret key K n and FID would be updated. For each tag, the database stores two set of values: FID old , P old n , P old n+1 , ID, K old n and FID new , P new n , P new n+1 , K new n . The later value set is the current tag value, and the prior value set is the tag value of the last communication. This verification protocol contains three parts: tag recognition, mutual verification and update. Tag recognition is to verify the tag's authenticity; mutual verification is to use the verified tag to verify reader's authenticity; update is to store the latest secret key for the following verification. Figure 4 shows the certification process of proposed protocol.
In this paper, the backstage database cannot meet the requirements because it should store all the tag information resulting in a very large amount of data. In order to solve the above problems, the HBase of big data technology is used to store the data. HBase which is a distributed and column-oriented is an open source database. A table in HBase can have hundreds of millions of rows and millions of columns, and the data in each unit can have multiple versions for backup.

Tag Verification
In the tag verification process, reader firstly sends a search request to tag, after receiving the request, tag produces a random number r 1 , and sends r 1 with FID to the reader. After receiving the random number r 1 and FID, reader uses FID to search data in the host database. If FID = FID new , it means that the database contains this FID, and this tag can be verified without being attacked previously. In addition, the reader uses FID new , P new n , P new n+1 , K new n to execute mutual verification with the tag. However, in the previous verification, tag might be intercepted, resulting in the update of the database, while the tag data is not updated. In this case, reader uses FID old , P old n , P old n+1 , ID, K old n to execute the mutual verification with this tag. If both of the new and old FID cannot match with the FID of the reader, this protocol stops.

Mutual Verification
The purposes of Mutual verification is to verify the identity of both tag and reader. Reader firstly produces a random number r 2 , combining FID, secret key P n+1 , shared key K n and random number r 1 according to the Equations (1) and (2) to calculate A and B. Then, reader sends A||B to the RFID tag.
After receiving A||B, tag calculates D and E by Equations (3) and (4), Equation (5) deduces the random number r 2 of the reader and further uses r 2 to obtain B by Equation (6).
Then, tag compares whether B and B are equal or not. If not, the reader is fake, and verification terminates; otherwise, the reader passes the verification, and the protocol goes on for the next step. At the same time, with previously calculated D, E and deduced random number r 2 , by Equation (7) F is calculated, which is also used to deduce the random number r 2 , F and FID of the tag. By Equation (8). H is calculated and F||H is sent to reader.
After receiving F||H, by Equation (9), reader deduces secret key E of the tag, and this deduced key is used to obtain E random number r 2 and secret key P n+1 . With Equation (10), F is calculated. Then, using the FID of this tag, F , random number r 2 , by Equation (11). H is calculated.
At this moment, reader compares whether H and H are equal or not. If it is equal, the tag has been verified before and the mutual verification terminates. If not, this tag is fake, and the verification stops.

Update Process
After verifying the tag, update starts. During this process, firstly, the host database updates, then the tag updates. The process of updating the database is classified into two cases. In the tag update, if the database uses FID oid and FID to match, the host database does not need to update; if the database uses FID new and FID of the tag to match, the database should be updated in following way: FID old = FID new , P old n = P new n , P old n+1 = P new n+1 , K old n = K new n If reader sends success command to the tag, and the processing time of the reader is within the acceptable range, the tag would be updated in the following ways, which is shown in Figure 5.

Proof of Security
In this section, we use GNY logic [29] to prove our protocol. The GNY logic was proposed by Gong, Needham and Yahalom in 1990. It is a logic that analyzes the authentication protocol. The GNY logic uses a completely different state search tool, which includes a collection of beliefs maintained by each subject and a collection of inference rules that get new beliefs from the old beliefs. BAN logic has a very simple, intuitive set of rules, so it is easy to use. As it is pointed out in the reference [29], GNY logic can be used to find serious errors in the protocol, which has attracted widely attention by security researchers. The application of GNY logic has epoch-making significance. It greatly promoted the development of formal verification of security protocols, and inspired many methods of formal verification of security protocols.  Principle 1 indicates: if A trusts that message B is the latest, then it can be deduced that A also trusts the connection between B and C is the latest, and the mapping is trusted as the latest by A whose image is B.

Principle of the GNY Deduction
Principle 2: A B,A C A (B,C),A (F(B,C)) Principle 2 indicates: If A has message B and C, then it can be deduced that A not only has the connection between B and C, but also the mapping whose image is message B and message C. Principle 5 indicates: A trusts that the secret key K is shared by A and D, and A previously received encrypted B by secret key K. A has the connection between message B and secret key K. A trusts that the connection between message B and secret key K is the latest, then, A trusts that D previously sent the connection between message B and the secret key K, and A also trusts that D used to send encrypted B by K.

Assumption
(1) T (FID, P n , K n , ID) (2) R FID new , P new n , P new n+1 , K new n , FID old , P old n , P old n+1 , ID, K old

Security Analysis
This section analyses the possible attacks and the security of this protocol.

Mutual Verification
Mutual verification: Reader verifies the tag, and tag reversely verifies the reader. For some verification protocols, they just verify the tag, without the verification of the reader, which results in a security issue. If attacker uses a reader which is not been verified by a tag, the RFID system data would be leaked, or even the system would be damaged irreparably, such as desynchronization attack and DDos attack.
(1) Reader forgery The third step of the proposed protocol is to send message A||B to RFID tag, according to the Equations (3) and (4), tag calculates the values of D and E, and tag deduces the random number r 2 of the reader with Equation (5), where deduced r 2 is also used to generate B by Equation (6). Then, B and B of the reader are compared to verify the reader, in which value of A and value of B are calculated by the random number r 1 of the tag, random number r 2 of the reader, FID of the tag and the shared secret key P n+1 and secret key K n . These values would be updated after each round to prepare for the next round, and this is because the original values should be secreted so that the attacker cannot produce a fake reader.
(2) Tag forgery The fourth step of our protocol is to send message F||H to the reader, reader deduces the secret key of the tag by Equation (9), and uses deduced secret key E , its random number r 2 , secret key P n+1 and Equation (10) to calculate F . Then reader uses FID of the tag, F , and random number r 2 to produce H by Equation (9), by which reader compares H and the calculated H to complete the verification of the reader. In this process, F and H are calculated by the deduced random number r 2 by the tag, the secret key produced by PUF and the tag signature FID. After each round verification, these values would be updated for the following verification. As long as the initial values are in secret, attacker cannot produce a fake tag.
Above all, this protocol can guarantee the mutual verification between reader and tag.

Data Confidentiality and Tag Anonymity
During the verification process, the internal data of either tag or reader should be transferred in cipher text, and the data about tag identity should also be cipher text in transition. Although attacker has intercepted some data of the tag or the reader, attacker is not allowed to deduce any message about the identity of reader and tag.
The critical steps of our protocol are the second, third and fourth step. In the second step, tag sends its FID to the reader, which is just alias and has no relation with the real identity of the tag, and it would be updated after each verification round. Although attacker intercepts this alias, it cannot obtain any effective identity message of the tag. The third and the fourth steps send the A||B of the reader to the tag, and send F||H of the tag to the reader respectively. The previous mutual verification has analyzed the random number r 1 of the tag, random number r 2 of the reader, FID of the tag and the shared secret key P n+1 and secret key K n obtained by calculation. As long as the initialization is in secret, attacker cannot calculate those values. Although attacker can intercept them, those intercepted values cannot be used to deduce the secret key and deduce the tag identity.
Above all, this protocol guarantees the data confidentiality and the integrity of the whole RFID system.

Steal Attack
Attacker steals the data of the reader and the tag to make the data cannot be received by either tag or reader, as a way to damage the RFID system.
Assume that attacker steals the last message (failure/success) from reader to the tag, and promotes reader to update the secret key of the database except for the secret key of the tag. In this way, the data of tag and the database are not synchronous. Our protocol solves this problem by maintaining the FID and secret key P n and K n of the last verification. Even the tag cannot update its secret key value, the database can find its FID.
In summary, this protocol can defend against steal attack.

Replay Attack
Attacker iteratively sends the message that has been received by the reader to cheat reader, which would make reader to response so that the RFID system is damaged.
Assume the attacker intercepts the message during a mutual verification: 1 FID, r 1 ; 2 A||B; 3 F||H. Then, attacker intercepts the last message from reader to the tag (failure/success), and the reader updates the secret value of the database as a result, except for the secret key of tag. In the next verification round, attacker firstly sends FID, r 1 that are intercepted previously to the reader. After receiving those message, reader searches this FID and finds that it matches to a FID old . Later, reader generates the random number r 2 and produce A||B by equation. If attacker can send the previously obtained F||H to activate a forgery verification, however, during this verification, the random number generated by the reader is different from the random number produced in the last round, which results in the difference between H and H , so that the tag verification will fail. Above all, this protocol defends against replay attack.

Backtracking Attack
When a RFID tag is deciphered, attacker cannot deduce previous verification information by this current verification.
Assume that an attacker cracks the current verification process, and obtains the FID of the tag and the secret value (P n , K n ). However, attacker cannot deduce previous secret key values in verification because these secret key values are updated with the random number r 1 , r 2 after each verification round.
Therefore, this protocol guarantees the safety against the backtracking.

Clone Attack
Attacker copies the legal tag to obtain a clone tag, which contains all information of the copied tag, including the unique ID, data and algorithms stored in tag. In other words, when reader sends a random number and a request to the tag, clone tag can response to the reader in a same way as the legal tag. Thus, simple encryption algorithms and increase of the complexity of the verification algorithms cannot prevent against clone attack.
Our protocol is based on PUF technique to achieve the mutual verification. In the previous introduction of the PUF technique, we have analyzed its safety. Although attacker launches attack on reader or tag, and obtains the secret key of the tag: {P n , FID, K n }, attacker cannot produce a clone tag with these values. This is because PUF technique is by deriving the difference among chips during manufacture, which causes the different outputs. In this way, clone attack can be prevented against by our protocol.

Desynchronization Attack
Attacker triggers the update of tag by some means except for the update of the reader or vice-versa. As a result, the desynchronization between the data of the database and the tag data exists, and tag cannot be verified by the reader in following verification.
Attack one: Modifying message A or message B Assume attacker is intercepting a verification process, until the reader sending A||B to the tag, attacker modifies this message into A " ||B " , and then sends it the tag. After receiving A " ||B " , tag firstly deduces the random number r 2 of the reader by A " , by which tag calculates B . Then, tag judges if B = B " as a way to verify reader. Because attacker modifies message B into B " , reader cannot be successfully verified, which defends against the desynchronization caused by modifying message A or message B.
Attack two: Modifying message F or message H. Assume attacker is intercepting a verification process, until confirmation of the identity of the reader, tag calculates message F||H and sends it to reader to verify. At this moment, attacker modifies this message into F " ||H " , and sends the modified message to reader. After receiving F " ||H " , reader firstly deduces the secret key E by F " , then reader calculates H . After this, reader judges if H = H " or not to verify the tag. Because attacker modifies message H into H " , reader cannot verify tag successfully, so that both tag and reader cannot update their own data, which thus solves the problem of desynchronization caused by modifying F or modifying H.
Compared with previous Kulseng's lightweight mutual verification protocol, Table 2 shows the advantages of our protocol.

Experiments
This section shows the secure tag verification in a RFID system according to our protocol. We simulate to construct a vehicle cargo invading detection system, and all vehicles of this system carry RFID tags. With ultrahigh frequency RFID reader, the tag of a vehicle would be recorded, which information is recorded by the database and operating platform executes the secure verification via our protocol.
Ultrahigh frequency reader: Impinj R420. Air interface protocol: EPC global UHF Class 1 Gen 2/ISO 18000-6C, using Autopilot technique of the Speedway Revolution, which is able to automatically optimize the performance of the reader in any environment to maintain the best performance. Autopilot technique has following features:

1.
Automatically setting-Optimize the deployment of reader to achieve the best performance.

3.
Dynamic antennae switch-Increase handling capacity, enhance the reader to more effective work.
Speedway Revolution RFID reader also supports power over Ethernet (PoE), increases the flexibility of its application, so that the deployment is simplified and does not need AC power supply. As a result, the cost is dramatically reduced. Reader is equipped with the capability of the best flexibility in receiving, anti-interference and product and carrier offset capability.
RFID tag: Impinj H47, which supports air interface protocol EPC Class 1 Gen 2/ISO18000-6C; working frequency: 860~960 MHz, read distance is decided by the reader emit power. The tag can be fixed on the object in a sticker manner, and is easy to be read for obtaining information.
Platform construction tools: Java development platform.
In this section, we mainly discuss the RFID readers of what frequency we choose. Different frequency readers are limited by different distance when readers read tags' information. If the distance is too long, the reader cannot read the information of the tag, which will lead to the occurrence of missed reading. The counterfeiters can mix the real and fake tags together and put the fake tags out of the range to allow them to cheat the reader. Therefore, it is important to discuss how to use this protocol in terms of different frequencies and ranges of RFID readers.
In the experiments, to verify the impact of using high frequency reader and the ultrahigh frequency reader on the system alarm's success rate, in the cases with different distance between the tag and the reader, through experiencing 100 times experimental result analysis, the results are shown by Figure 6, we can conclude: within 10 cm from high frequency RFID reader, the number of successfully finding the clone tag are: 100, 100, 100, 99, 99, 100, 98, 97, 94. The distance between the reader and tag is over the best reading distance 8 cm, because the Mifare card data cannot be effectively read and the success rate dramatically decreases. As shown in Figure 7, in conclusion: within 110 cm from the RFID ultrahigh frequency reader, times of the reader being attacked are respectively: 100, 100, 100, 100, 99, 97, 98, 96, 95, 94, 91, 78. When the effective distance is bigger than the nominal range 100 cm, because reader cannot obtain the tag data, success rate obviously reduces. Experimental sample data is given in Figure 7. This experiment indicates when the high frequency reader is located over the nominal reading range, which is more than 8 cm, the performance dramatically falls, the rate of invading tag dramatically reduces. With our experimental sample, comprehensive success rate is 91.90%; while the ultrahigh frequency reader's performance slightly reduces when the distance is over the nominal reading distance, when the distance is over 90 cm, the performance of the reader begins to reduce. In As shown in Figure 7, in conclusion: within 110 cm from the RFID ultrahigh frequency reader, times of the reader being attacked are respectively: 100, 100, 100, 100, 99, 97, 98, 96, 95, 94, 91, 78. When the effective distance is bigger than the nominal range 100 cm, because reader cannot obtain the tag data, success rate obviously reduces. Experimental sample data is given in Figure 7. As shown in Figure 7, in conclusion: within 110 cm from the RFID ultrahigh frequency reader, times of the reader being attacked are respectively: 100, 100, 100, 100, 99, 97, 98, 96, 95, 94, 91, 78. When the effective distance is bigger than the nominal range 100 cm, because reader cannot obtain the tag data, success rate obviously reduces. Experimental sample data is given in Figure 7. This experiment indicates when the high frequency reader is located over the nominal reading range, which is more than 8 cm, the performance dramatically falls, the rate of invading tag dramatically reduces. With our experimental sample, comprehensive success rate is 91.90%; while the ultrahigh frequency reader's performance slightly reduces when the distance is over the nominal This experiment indicates when the high frequency reader is located over the nominal reading range, which is more than 8 cm, the performance dramatically falls, the rate of invading tag dramatically reduces. With our experimental sample, comprehensive success rate is 91.90%; while the ultrahigh frequency reader's performance slightly reduces when the distance is over the nominal reading distance, when the distance is over 90 cm, the performance of the reader begins to reduce. In comparison, ultrahigh frequency RFID reader of the original system performs better in detecting fake tag.

Performance Analysis
By calculating the costs of time and storage space for a complete certification process of backstage database, reader and tag are used to judge the performance of the proposed protocol. In this section, the reader and the backend database are viewed as a whole for the convenience of analysis, which is called the reader side. For the protocol presented in this paper, the data stored in the tag, reader, and back-end database is a unit of 96 bits, let L substitute for 96 bits. T P defines as the number of PUF function operations. T R defines as the number of times when a random number is generated. T XOR defines as the number of XOR operation. T LEFT defines as the number of times of the loop left movement, T OR defines as the number of join operation, T AND defines as the number of AND operation, and T F defines as the number of F function operation. Then the complete certification process will be analyzed in the term of its complexity.
Firstly, we analyze the time complexity.
For the RFID tag, in tag verification phase, a random number of r 1 is generated in the tag recognition phase, so the time complexity of the tag is T R ; in the process of authenticating the reader of Mutual Verification phase, there are four operations by a tag, such as D = PUF(P n ), E = PUF(D), r 2 = A ⊕ FID ⊕ D ⊕ K n ⊕ r 1 , B = (r 1 < < < 8) & (r 2 < < < 1) ⊕ (D < < < 2). So in the process of authenticating the reader of Mutual Verification phase, the time complexity of the tag is (2T P + 5T XOR + 3T LEFT + T AND ). In the process of authenticating the tag of Mutual Verification phase, there are three operations by a tag, such as F = D ⊕ E ⊕ r 2 , H = (FID < < < 8) & (F < < < 1) ⊕ (r 2 < < < 2)and F||H. So in the process of authenticating the tag of Mutual Verification phase, the time complexity of the tag is (3T XOR + 3T LEFT + T AND + T OR ). In the whole Mutual Verification phase, the time complexity of the tag is (2T P + 8T XOR + 6T LEFT + 2T AND + T OR ). In the update phase, there are two operations by a tag, such as FID = (FID < < < 8) & (r 2 < < < 1) ⊕ (r 1 < < < 2) and K n = (K n < < < 8) & (r 2 < < < 1) ⊕ (r 1 < < < 2). Thus, the time complexity of the tag is (2T XOR + 6T LEFT + 2T AND ) in the update phase.
For the reader side, in the process of authenticating the reader of Mutual Verification phase, there are three operations by the reader side, such as A = FID ⊕ P n+1 ⊕ K n ⊕ r 1 ⊕ r 2 , B = (r 1 < < < 8) & ( r 2 < < < 1) ⊕ ( P n+1 < < < 2) and A||B. So in the process of authenticating the reader of Mutual Verification phase, the time complexity of the reader side is (T R + 5T XOR + 3T LEFT + T AND + T OR ). In the process of authenticating the tag of Mutual Verification phase, there are three operations by the reader side, such as E = F ⊕ r 2 ⊕ P n+1 , F = E ⊕ r 2 ⊕ P n+1 , H = (FID < < < 8) & F < < < 1 ⊕ (r 2 < < < 2). So in the process of authenticating the tag of Mutual Verification phase, the time complexity of the reader side is (5T XOR + 3T LEFT + T AND ). So in the whole Mutual Verification phase, the time complexity of the reader side is (T R + 10T XOR + 6T LEFT + 2T AND + T OR ). In the update phase, there are two operations by the reader side, such as K new n = (K new n < < < 8) & (r 2 < < < 1) ⊕ (r 1 < < < 2) and FID new = (FID new < < < 8) & (r 2 < < < 1) ⊕ (r 1 < < < 2). So in the update phase, the time complexity of the reader side is (2T XOR + 6T LEFT + 2T AND ). Tables 3 and 4 give the results of the time cost analysis of our protocol and the K protocol. Table 3. Results of the time cost analysis of K protocol.

Device Tag Verification Phase Mutual Verification Phase Update Phase
Tag -2T P + 3T XOR + 2T F T XOR + T F Reader -2T XOR + 2T F T XOR + T F Table 4. Results of the time cost analysis of the proposed protocol.

Device Tag Verification Phase Mutual Verification Phase Update Phase
Tag T R 2T P + 8T XOR + 6T LEFT + 2T AND + T OR 2T XOR + 6T LEFT + 2T AND Reader -T R + 10T XOR + 6T LEFT + 2T AND + T OR 2T XOR + 6T LEFT + 2T AND Secondly, we analyze the space complexity. For the RFID tag, there are some data in a tag, such as P n , FID, K n . Thus, the space complexity of a tag is 3L.
For the reader side, there are some data in the reader side, such as FID old , P old n , P old n+1 , ID, K old n , FID new , P new n , P new n+1 , K new n . So the space complexity of the reader side is 9 L. The comparison results are shown in the Table 5. Table 5. Results of space cost analysis between the proposed protocol and K protocol.

Protocol Tag Reader
K protocol 3 L 4 L Our protocol 3 L 9 L In our protocol, it only uses some simple operations, such as XOR operation, the loop left movement operation, JOIN operation, and AND operation. In addition to PUF circuit by the arbiter judged by two signal circuit who arrives firstly, the amount of calculation is very small. So our protocol meets the requirements of low cost in computational overhead. To sum up, although the protocol proposed in this paper is more complex than the K protocol, its security is much higher than that of K protocol. Therefore, this protocol has found a good balance between performance and security.

Conclusions
In this paper, a lightweight RFID security protocol based on the Physical Unclonable Function (PUF) is proposed to achieve efficient verification of a single tag. The protocol includes three process: Tag recognition, mutual verification and update. The tag recognition is that the reader recognizes the tag; mutual verification is that the reader and tag mutually verify the authenticity of each other; update is supposed to maintain the latest secret key for the following verification. The results of security show that the presented protocol is efficient to protect RFID systems. Implementation of the presented protocol in real RFID systems are our future work.