Implementation of Secured RFID Mutual
Authethentication Protocol
AISHWARYA A NAIRI, K.SIVASANKARAN2
1 Student(Mtech VLSI DESIGN) Dept of ECE(SENSE), Vellore Institute of Technology , Vellore, Tamil Nadu, India,
E-mail: aishwaryaanair17@gmail.com.
2
Associate Professor , Dept of ECE(SENSE), Vellore Institute of Technology, Vellore, Tamil Nadu, India,
E-mail: k.sivasankaran@vit.ac.in.
Abstract—RFID is the most flexible auto identification
technology has a dereliction in its security .Over many years
researchers are working up on security issues facing in RFID
communication and they come up with mutual authentication
Protocol. Here is the lightweight mutual authentication
protocol which implemented in ASIC based on the EPC global,
which is the widely used industrial standard for passive UHF
RFID communication. Here I incorporated a variable
Fibonacci LFSR rather than normal LFSR which will increase
the security compare to previous works. The RFID blocks were
designed by verilog HDL,synthesized and implemented in SCL
180nm technology.I have used Synopsys EDA tool for design
and Implementation
Keywords—RFID,VLFSR,Synopsys,Synthesis,Physical
Design ,ROM,Cyclic Redunancy check,Fibonocci LFSR
I. INTRODUCTION
In the new modern era companies wanted to transfer data
into the computer without just manually typing it so as to
save time, reduce error, increase the efficiency and to free up
the employees to do other useful jobs. This idea led to the
emergence of a broad ne automatic identification to help
machines to identify objects, captures the information and
transfer the data in to computer automatically..There are
different automatic identification technologies like barcode,
smartcards, biometric scan etc. Of these RFID technology is
the most prominent because to capture the information
without any line of sight, reading information fastly from
multiple objects, hiding the unauthorized author’s thus
increasing security and to detect the distant object data.
There are two types of RFID,,Active and Passive. Unlike
active tags Passive does not have an internal power source. It
derives energy from the electromagnetic signal send by the
reader. Passive RFID tags mainly operates in three different
frequency region., Low Frequency, High Frequency and
Ultra High Frequency region. Here our protocol is
implemented in UHF Frequency region, within a range of
860 MHz to 960 MHz,
RFID communication follows some standards. Out of that
widely used standard is EPC Global C1G2 standard. These
are driven standards by Electronic Product Code . The EPC
Gen2 air interface standard was first published in 2004,
which defines the physical and logical requirements for a
RFID system of interrogators and passive tags, operating in
the 860MHz-960MHz. Ultra High Frequency (UHF) range.
Over the year researchers are working on security issues of
RFID, Because of the absence of necessary security scheme
in EPC Gen2 standard, the radio communication between
RFID tags and readers raise a number of security issue.
An efficient way to solve these security problems for passive
UHF RFID is to adopt a mutual authentication protocol.
Generally, a RFID application system consists of tag, reader
and back-end server. So here the paper is divided in to four
section. Section II will give the Related Works. Section III
give an idea about Mutual Authentication Protocol .Section
IV is about architecture and design. Next Section is about
Proposed Modification. Last section is full about
Implementation and results
II. RELATED WORKS
So many security mutual authentication protocols have
been proposed for passive UHF RFID. Chien classified these
protocols into four classes [15]. The first class is called “full
edged class” that supports the conventional cryptographic
function. The second class is called “simple” that should
support random number generator and one-way hashing
function on tags. The third class is called “lightweight”
protocols that require a random number generator and simple
functions like CRC checksum. The fourth class is called
“ultra-lightweight” protocols that only involve simple
bitwise operation (like XOR, AND, OR, etc.). Due to the use
of random number generator and VLFSR sample function,
our protocol belongs to the lightweight class.
To tackle the security issues researchers have proposed
some Pad generation function which issued to protect the
tags various password or crucial data during the transfer. Yu-
Jung Huang, Wei Cheng Lin, and Hung-LinLi presented a
journal similar to the Pad generation concept, where
implemented in FPGA Board. Here they used to produce
cover coding pad to mask the tag’s access password before
the data is transmitted .Here the information from tag to
reader or reader to tag can be accessed by simple exor
function operation. However the problem with it is the
increase in power dissipation due to increase in hardware.
Lili Wei, Zhaotong Luo, QiangQu, Qing He and Jingwei
presented a fully fledged authentication protocol which
widely used a public key cryptography and also the crypto
GPS method but the problem is the lack of the security proof
and also had limitations on the number count of the tag.
In 2010 ,a Novel anonymous RFID authentication
protocol was presented by Jian Shen Dongmin Choi,
Sangman Mohand Ilyong Chung, they denote their protocol
as ARAP which provide a strong privacy and also the
security aspects by taking the pseudonym concept to protect
from the synchronization, disclosure and attack. Here
protocol works without disclosing the real ID’s of the
participating tags and provide strong privacy and security. So
the RFID tags substitute pseudonym for all real ID’s and this
RFID tag preshares the Pseudonym ,the secret as well as
information to backend.
In 2015 Mahsa Fathi and Elham Tavakol claimed and
proved that the ARAP protocol is very badly vulnerable to
the security and the de synchronization and modifies the a
new authentication protocol which takes with hash function
and also the PRNG (Pseudo Random Number
Generation)which safeguards the information ROM
attackers. 2015 Yu-Jung Huang, Wei-Cheng Lin, and Hung-
Lin Li proposed a new lightweight authentication protocol
based on TRNG which will provide more security compared
go previous works but with little high power dissipation. .In
this thesis, I modify the design to provide better secure
communication from tag to reader by incorporating a
Fibonacci LFSR in the design.
III. MUTAL AUTHENTICATION PROTOCOL
Figure below shows the state diagram of tags pa. The tag
implements seven states. The authentication phase is done in
secure state or open state but since there is an update going
on with the secret value and SID we implement the protocol
insecuredstate.
Figure .1 Tag States
The flow diagram of the implemented protocol is shown in
Figure 2. First the tag send the authenticate command that is
specified by the EPC C1G2 standard. The authenticate
framework is shown in Figure 3. The tag reads in the
random number R1 obtained from the reader along wi th the
true random number R2 and is given to the LFSR block
where we obtain a 32 bit random number Rt based on a
secret value Sj. The Rt along with R3||R2⊕SID is sent to
the server through the reader along with UID and R1. At
server we get the SID from UID, R2 is extracted from
R3||R2 ⊕ SID by XOR operation. The secret value Sj is
obtained based on the SID extracted.
Figure 2. Mutual Authentication Protocol
Using these we generate 32 bit random number Rb by
passing it through the same LFSR structure as in tag. The
tag authentication is done by verifying whether Rt is same
as that of Rb.If they are equal secret value Sj + 1 = R3||R2⊕
Sj, SIDj + 1 = LFSR(R1||R2,SID) and LFSR(R1||R2,SID) is
sent to the tag through reader for server authentication. The
tag updates secret value and SID as Sj + 1 = R3||R2⊕Sj,
SIDj + 1 = LFSR(R1||R2,SID) after a valid server
authentication. This marks the end of protocol for the jth
section. If Rt 6= Rb server finds the previous secret value
and SID which will be the inputs for the LFSR function ie
Rt = LFSR(R1||R2,Sj −1) and protocol continues as
mentioned earlier. This is done so as to prevent
synchronization problems. But if still Rt ≠ Rb the protocol
ends here ie. the tag authentication has failed. The security
is said to have protection from Eavesdropping, Location
Tracking, Replay Attack, Forward Security, Confidentiality,
Man-in-the-Middle Attack, De-Synchronization Attack and
Mutual Authentication
IV. ARCHITECTURE AND DESIGN
The block diagram of a passive tag is shown in Figure 3 that
has an analog frontend and a digital backend.
Figure 2.Architecture of Tag
The frontend is responsible for transmitting data back and
forth to the reader, provides control signals such as clock,
reset and also TRNG to the digital block. We concentrate on
the digital backend where the protocol is implemented. It
has ROM interfaced in it.
 Figure below shows the digital baseband.
Figure 3. Architecture of Passive Tag
1)PIE DECODER
As per EPC C1G2 standard for reader to tag transmission
we use Pulse Interval Encoding (PIE) technique, hence we
design a pie decoder where data symbols are recognized
based upon the amount of time each symbol is high. The
decoding starts by resetting all values in the READY state
and if data sampled is high for 12.5us in the DELIMITER
state then data 0 follows and we start to sample RTcal in the
SAMPLE_RTCAL state, we divide this value by 2 to get
PIVOT. Here shows the state diagram of pie decoder.
Figure.4 Pie Decoder
Any value less than PIVOT is recognized as data 0 and
greater PIVOT is recognized as 1. In In DECIDE_TRCAL
we sample TRcal (used for calculating backscatter
frequency),Data0or Data1 based upon the command,
followed by OPCODE_PW where we sample the input
OPCODE and check if it is correctly matched in the
DECIDE_OPCODE state and raise the Opcode flag. We
then sample and decode the data inputs in DATA_DECODE
state and raise the data ready flag after reading in all the data
and go to the WAIT state for further processing.
2)Variable LFSR
Linear Feedback Shift Register (LFSR) is the key element of
the implemented protocol. A simple LFSR is a shift register
where its inputs are driven by XOR operation ie. is a linear
function of its previous state there for making it deterministic
The implemented LFSR structure has 2 sets of registers
coefficient and shift register.
Figure 5.Variable LFSR
They both are initialized with R1||R2 and Sa respectively
after the decoder reads all the data inputs. Input to the shift
registers is decided based upon the value initialized in
coefficient register and according to the value of Sb stored in
ROM, the shift register shifts the values to Sb cycles so that
we get Rt which is to be encoded back to the reader.
3)ROM
We implemented a simple ROM so as to store secret
value Sj = Sa||Sb, Secure ID (SID) and tag random numbers
(R2,R3). Sa is used to initialize the coefficient register in
LFSR while Sb decides for how much cycles thus Shift
register shifts its values.R1,R2andSIDis encoded back to
other reader after a XOR operation .R2 is also used to
initialize shift register.
4) CRC 5 and CRC 16
Cyclic-redundancy check issued to ensures a valid
communication between the reader and tag. This Is done as
per the EPC gen2 standards as a safeguard against bit errors.
The CRC5 and CRC16 circuits are in the form of LFSR that
consist of 5 and 16 registers respectively. The basic working
principle of both these modules are that initially the registers
are preloaded to 010012 (CRC5) or FFFFh (CRC16). The
data bits which are to be encoded is clocked to the input of
the modules. This register now holds the crc5 output while to
get crc16 output we need to get the values of registers in
crc16 inverted. Here CRC5 is used to validate
AUTHENTICATE command while the CRC16 is used to
compute the crc16 value which has to be send to the reader.
5)FM ENCODER
Fm0 encoder specified by the EPC gen2 standards to
backscatter the data back to the reader in a frequency that
will be decided by the TRCAL value send from the reader.
The clock managing module reads the TRCAL value and set
the required backscatter frequency and provides this as the
input clock to the fm0 encoder. The Backscatter link
frequency ranges between 40-640 KHz and the output clock
to the encoder is determined by the formula Clk encoder =
TRCAL÷DR where DR is the data rate which can have value
64/3 or 8.Here is the State diagram and toggling activity of
FM0 encoder.

Figure 6. State Diagram of FM Encoder
Figure 7.FM0 Basis Function

ggling activity of FM0 Encoder can be explained as
 It inverts the phase of the base band signal at the
when the input is 0
 It does NOT invert the phase when it is 1
V.PROPOSED DESIGN
As said we are aiming to have high secure communication
between tag and reader. So we want to have such type of
structure to increase the security.
So in this proposed design, I am using Fibonacci VLFSR
rather than using a normal LFSR that is used in current
architecture. Proposed Architecture is shown below shown in
figure
Figure 8.Proposed Design
So here an Normal VLFSR is replaced with Fibonacci LFSR
which cause its increase in security. In normal LFSR ,the
bits are just shifting only, but in Fibonacci LFSR ,a shifting
of any bit depends on addition of previous two bits. So in
backend server, to extract the values, it requires the
extraction of previous two bits.
VI.. IMPLEMENTATION AND RESULTS
Every block designs are designed in Verilog Hardware
Description Language(HDL)with compilation and simulation
is done in Modelsim as well Synopsys SCL 180 nm tool. The
implementation is carried out up to routing which include
pre layout and post layout STA. Entire implementation is
done using Synopsys SCL 180nm.
As in block diagram, many blocks are designed for protocol
implementation. Following are obtained waveforms for the
blocks used to implement the protocol.
1)Cyclic Redundancy Check
CRC is used to detect errors while transmitting and
receiving of data from any circuit .Here two types of CRC.s
is used,CRC5 and CRC 16.CRC 5 is for detecting error while
communicating from reader to tag which is initialized by
110002 and CRC16 is used in tag to reader communication
and initialized by FFFFh..Here is the output waveform CRC 5
Figure 9.CRC 5 Output
2)Variable LFSR
VLFSR is used to get Rt which will protect the secure
ID,and true random number. Initialize with two type of
register, Shift and Coefficient Register .
Figure 9. Variable LFSR
3)Clock Management Module:
CMM is responsible for setting backward frequency. The
waveform given below we can see that, backscatter clock
value is set when the Data Rate is equal to 8 or 64/3.
 Figure below shows the Synthesized output put from SCL
180nm.The synthesized output is the result after logic
synthesis ,floor planning ,Placement ,CTS,Routing. Also
verified the timing violation after logic synthesis and
Routing. It ensures that my design did not have any setup as
well as hold violation.

Figure 10. Clock Management Module

4)FM Encoder
Encoder is to encode the values which is given from
VLFSR, Pie decoder, CRC’s.The transfer data to reader is
by reply command. Figure 11 will show the FM Encoder

Figure 12.Physical Synthesis Output.

Proposed Implementation Results:

The modified circuit replace with Variable Fibonacci
LFSR which ensure more security. Here is the output of
replaced Fibonacci LFSR:

Figure11.FM Encoder
5)RFID Main module:
For the simulation we have considered the following inputs.
• R1=17B6h
• R2=AA10h
• R3=BBF1h
•Sa=45ADBECFh
• Sb=14h
• Sid=DAAEDD10h
• TRCAL=6410 Here the results are optimized with synopsys DC Compiler.
Comparison of Results:

Parameter Reference Paper Proposed Design

Slack 5.4ns 6.6ns
Dynamic Power 1.05µW 95.04nW
Supply Voltage 1.8V 1.8V

Figure 10 :Basic RFID Protocol
VII.CONCLUSION
In this paper ,an RFID light weight mutual authentication
protocol is implemented I modified VLFSR to get
Fibonacci LFSR in order to get more, which shows
significant reduction in area and power as compared to
existing digital baseband architecture. The implemented
architectureisoftheEPCClass1Generation2standardsandisaso
lutionforthedereliction in its security. The architecture
consisted of a PIE decoder for decoding the message signal
send from the interrogator to tag, a LFSR for implementing
the protocol, A clock management module for providing a
clock to the encoder for backscattering the message signal
back from Tag to interrogator in a specific frequency , ROM
for storing random number values,CRC5 and CRC16
modules for checking bit errors and an encoder for e
backscattering the message signal back to the interrogator.
The protocol was successfully verified by Verilog Test
bench and synthesized in Synopsys DC compiler.

REFERENCES

[1]Yu-Jung Huang, Wei-Cheng Lin, and Hung-Lin Li,

(2012) ’Efficient implementation of RFID mutual
authentication protocol’, IEEE Trans. Ind. Electron, Vol.
59, no. 12, pp. 47844791
[2]Hung-Yu Chien, (2007) ’SASI: A New Ultralightweight
RFID Authentication Protocol Providing Strong
Authentication and Strong Integrity’,IEEETransactionon
dependable and secure computing, Vol. 4, No. 4.
[3] Lili Wei, Zhaotong Luo, Qiang Qu, Qing He, Jingwei
Xu 2014 ’"A Low-cost PKC-based RFID Authentication
Protocol and Its Implementation’, Tenth International
Conference on Computational Intelligence and Security
[4] Jian Shen, Dongmin Choi, Sangman Moh and Ilyong
Chung (2010) ‘A Novel Anonymous RFID Authentication
Protocol Providing Strong Privacy and
Security’,2010International Conference on Multimedia
Information Networking and Security.
[5] Mahsa Fathi and Elham Tavakol. (2015) ‘Security of
an anonymous RFID authentication protocol and its
improvement’, 2015 IEEE European Modelling
Symposium
[6]ZilongLiu,DongshengLiu,LunLi,HuiLin,andZhenqiang
Yong.(2015)‘Implementation of a New RFID
Authentication Protocol for EPC Gen2 Standard’,IEEE
Sensors Journal, Vol. 15, No. 2.
[7] Michael Todd (2010) ‘Hardware Emulation of a
Secure Passive RFID Sensor System’, Thesis submitted to
the Graduate School of the University of Massachusetts
Amherst.
[8] Honorio Martin, Enrique San Millan, Pedro Peris-
Lopez, and Juan E. Tapiador. (2013) ‘Efficient ASIC
Implementation and Analysis of Two EPC-C1G2 RFID
Authentication Protocols’, IEEE Sensors Journal, Vol. 13,
No. 10.
[9] Jing Liu, Yihao Chen and Runxi Zhang. (2010) ‘ASIC
design of UHF RFID reader digital baseband’,
Microelectronics and Electronics (PrimeAsia),2010 Asia
Pacific Conference on Postgraduate Research