EPC Gen2v2 RFID Standard Authentication and Ownership Management Protocol


Providing security in passive RFID systems has gained significant attention due to their widespread use. Research has focused on providing both location and data privacy through mutual authentication between the readers and tags. In such systems, each party is responsible of verifying the identity of the other party with whom it is communicating. For such a task to succeed, the tags and readers are initialized with shared secret information which is updated after a successful authentication session. Ownership management, which includes transfer and delegation, builds upon mutual authentication. Here, the use of security in RFID is extended to encompass the more practical case where a tagged item is shifted from one owner to another. As such, we propose a new authentication and ownership management protocol that is compliant with the EPC Class-1 Generation-2 Version 2 standard. The protocol is formally analyzed and successfully implemented on hardware. The implementation shows that the use of such protocol adds security with little added overhead in terms of communication and computation.


Electrical and Computer Engineering

Research Center/Lab(s)

Intelligent Systems Center

Keywords and Phrases

Authentication; Data privacy; Mutual authentication; Ownership managements; Ownership transfers; Passive RFID; Security; Shared secrets; Radio frequency identification (RFID)

International Standard Serial Number (ISSN)

1536-1233; 1558-0660

Document Type

Article - Journal

Document Version


File Type





© 2016 Institute of Electrical and Electronics Engineers (IEEE), All rights reserved.

Publication Date

01 Jan 2016