Abstract
Radio Frequency Identifications (RFID) are useful low-cost devices for identification or authentication systems through wireless communication. The ownership of the RFID tag is frequently changed in the life cycle of the tag, it may fall in to the hands of a malicious adversary. The privacy problem in this situation is studied in the RFID ownership transfer protocol. However, almost all previous works provide only heuristic analysis and many protocols are broken. Elkhiyaoui et al. defined the security model for RFID ownership transfer protocols and proposed the detailed security proof to their protocol, but we show that their protocol does not provide enough privacy and cover the realistic attack. We investigate a suitable security model for RFID ownership transfer protocols and provide a new provably secure RFID ownership transfer protocol.
