Publication Type

Master Thesis

Publication Date



Radio Frequency Identification (RFID) is an advanced object identification technology that has already been applied in various industries. However, the insecure nature of the communication channel between readers and tags makes RFID systems vulnerable to various kinds of attacks. In recent years, many new methods have been proposed to improve the security of RFID systems, such as disabling tags, agent management and establishing cryptographic protocols. Among them, we focus on the last approach, which is more economic and convenient in certain cases. The first part of our work is to categorize typical existing RFID protocols according to their security levels. The result is vitally important to RFID system administrators who need to find different protocols to be implemented in their systems. The trade-off to be made in decision is that higher security level typically implies worse performance. We examine the performance in two aspects: the look-up cost in RFID reader’s back-end database and the tag-related cost. The tag-related cost includes the cryptographicoperation cost (cryptographic computation cost along with access operation cost in RFID tag’s chip memory), and the communication cost between reader and tag. We perform traditional database complexity analysis to assess the database look-up cost, and conduct experiments to evaluate both the cryptographic operation cost and and communication cost, so as to have a thorough understanding of the overall time cost of each RFID protocol. This work is important because efficiency is a major concern in the design of RFID protocols, especially when high security level is achieved with complex cryptographic operations being performed on resource-limited RFID tags. An inefficient RFID protocol could be a bottleneck ofthe whole system in real applications. Finally, we benchmark the performance of each RFID protocol, compare performance of protocols in different security levels and investigate the extra cost required to achieve certain security properties. We find a trade-off between look-up cost and tag-related cost. Based on the results of performance benchmarks, we revise some existing protocols and propose several design suggestions for creating new RFID protocols.


RFID, Protocol, Security, Performance, Benchmark, Analysis

Degree Awarded

MSc in Information Systems


Information Security


LI, Yingjiu