Wireless Personal Communications DOI: 10.1007/•••••-•••-•••-••••-• Security of an RFID based Authentication Protocol with Bitwise Operations for Supply Chain Muhammad Arslan Akram 1 · Adnan Noor Mian 1 © Springer •••• Abstract Due to the stringent computational capabilities of low-cost RFID tags, several lightweight secure authentication protocols have been proposed for an RFID-based supply chain using bitwise operations. In this paper, we study the vulnerabilities associated with bitwise operations by doing cryptanalysis of a secure lightweight authentication protocol for RFID tags. The bitwise operations like rotation and XOR show that the protocol is vulnerable to tag, reader, and supply chain node impersonation attacks. We find that the major cause of the vulnerability is bitwise operations and suggest using the physically unclonable functions rather than bitwise operations to secure such lightweight protocols. Keywords: Authentication protocol, PUF, Cryptanalysis, RFID, Imperson- ation Attack, Supply Chain 1. Introduction Supply chain is the management of the entire flow of goods, data, finance and production, and supervises the processes until it transforms them into final products or reaches their destination. A well-managed and immutable supply chain is needed to identify the origin of counterfeit goods which have somehow reached to the consumers Dabbene, Gay, and Tortia (2014). In supply chain many departments link with each other by using RFID tags for the acquisition of their own data. Recently, several lightweight authentication protocols have been proposed with the goal of achieving secure authentication through bitwise operations  A.N.M. adnan.noor@itu.edu.pk M.A.A. arslan.akram@itu.edu.pk 1 Department of Computer Science, Information Technology University, Lahore, Punjab, Pakistan. WPC: output.tex; 11 April 2021; 6:56; p. 1