LAUSR

In a recent publication in this journal, K. Bu et al. (IEEE Trans. on Information Forensics and Security, vol. 8, no. 3, pp. 429–439, Mar. 2013) presented a protocol that detects cloned tags (replicas of genuine tags) in anonymous radio frequency identification (RFID) systems by leveraging unreconciled collisions in the medium access control layer. This does not require RFID readers to implement cryptographic mechanisms, or know the identities of tags. Improved versions have since been published that claim that detection can also be deterministic. In this paper, we analyze this protocol and show that the physical limitations of collision detection have not been adequately addressed and that, without any further assumptions, unreconcilable collisions cannot be detected. We then propose a solution for which the responses of tags are randomized and show that: 1) there is a tradeoff between the accuracy of detecting cloning attacks and execution time and 2) detection of cloned tags cannot be deterministic.