Summary
A grouping‐proof protocol is to generate a proof that a group of tags have been scanned simultaneously in the range of a reader. Security and efficiency become the core issues when designing a grouping‐proof protocol. In this paper, we first describe the deployment model, adversary model, and security requirements of a grouping‐proof protocol. Then, we propose an offline reading order‐independent grouping‐proof protocol. To demonstrate security of our scheme, we present an ideal grouping‐proof functionality in the universally composable framework. Subsequently, we prove that the proposed protocol realizes the defined ideal functionality. Compared with the existing grouping‐proof protocols, our scheme satisfies the privacy and security requirements of a grouping‐proof protocol including tag/reader anonymity, tag/reader location privacy, mutual authorized access, anti‐active attack, anti‐replay attack, concurrent security, and so on. Meanwhile, our scheme has desirable performance. It conforms to the computational constraints of low‐cost passive radio frequency identification tags, which makes it suitable for large‐scale application. Copyright © 2015 John Wiley & Sons, Ltd.