摘要:RFID is a key technology that can be used to create the pervasive society. The tag is an important part of the RFID system and most popular tags are some low-cost passive tags. These tags have limited computing and storing resources, and no more attentions are paid to their security and privacy. So the application of these tags is not secure. Lightweight authentication protocols are considered as an effective method to solve the security and privacy of low-cost RFID tags. We propose a novel lightweight authentication protocol by means of some functions provided by EPCglobal Class-1 Gen-2 tags. The protocol enhances the difficulty to reveal the tag’s secrecy by using the tag’s partial identifier to generate the session messages between the tag and the reader. The tag’s partial identifier is generated randomly for each authentication. Otherwise, the tag’s identifier is randomly divided into two separate parts so as to avoid colliding from the 16-bit cyclic redundancy coding function. Some random numbers, which are generated by the tag and the reader respectively, randomize the session messages between the tag and the reader so as to resist against tracing attack and replay attack. Our proposed protocol can assure forward security and it can resist against de-synchronized attack. This protocol only uses some lightweight functions and it is very suitable to low-cost RFID tags