The characteristics of radio frequency identification (RFID) systems introduce growing security and privacy concerns. RFID systems need security protocols to provide confidentiality, user privacy, mutual authentication and etc. Many security protocols for the RFID system have been presented. This paper analyze several of the newest RFID security protocols which proposed by Niu et al., Fu et al. and Habibi et al. respectively form the security viewpoint of data desynchronization attack. These lightweight protocols were expected to proposed security protections for the RFID system and safeguard against almost all major attacks. However, we found that these RFID security protocols were vulnerable to the attack of data desynchronization. Based on strand spaces model, data desynchronization attacks on these protocols were analyzed and described. Furthermore, improvements to overcome the security vulnerabilities of two protocols presented by Niu et al. and Fu et al. were given.

 DOI:http://dx.doi.org/10.11591/telkomnika.v11i2.1993