Facing man-in-the-middle and route diversion attacks in energy-limited RFID systems based on mobile readers