A wireless network such as Wireless Local Area Network (WLAN) or wireless sensor network is easily subjected to attacks like forgery, replay, etc. due to its wireless and broadcast characteristics in communications. As a wireless technology, the Radio Frequency Identification (RFID) also encounters the same security problem. The problem of identity authentication between the reader and the electronic tag in the RFID system must be solved before the communication, so as to ensure the validity of the identities of both parties concerned in the communication. For the security mechanism which is based on a Public Key Infrastructure (PKI) and a digital certificate, the digital certificate needs to be managed in the authentication process, thus the system has excessive communication traffic and management load, and it is not suitable for the RFID application. A security mechanism based on a pre-shared key is a method conventionally used by the RFID.
Presently, some authentication protocols based on the pre-shared key have been proposed in the industry. But analyses show that those protocols generally have the following shortages: 1) the key shared by the electronic tag and the reader needs to be stored in a database, which increases the implementation cost of the system; and 2) in the authentication process, the reader needs to query the database, which may cause a security problem and a long delay for the authentication. Therefore, the authentication methods in the prior art cannot completely meet the RFID application requirement.