Cryptanalysis of Radio Frequency Identification System Mutual Authentication Protocol

2019 ◽  
Author(s):  
Madiha Khalid ◽  
Aniqa Tahir ◽  
Umar Khokhar ◽  
Hyesung Park
Keyword(s):  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Identification System ◽  
Frequency Identification ◽  
Mutual Authentication Protocol

scholarly journals Cryptanalysis of ultralightweight mutual authentication protocol for radio frequency identification enabled Internet of Things networks

2018 ◽  
Vol 14 (8) ◽  
pp. 155014771879512 ◽  
Author(s):  
Madiha Khalid ◽  
Umar Mujahid ◽  
Muhammad Najam-ul-Islam
Keyword(s):  
Internet Of Things ◽  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Wireless Channel ◽  
Frequency Identification ◽  
Mutual Authentication Protocol ◽  
Attack Models ◽  
Internet Of Thing

Internet of Things is one of the most important components of modern technological systems. It allows the real time synchronization and connectivity of devices with each other and with the rest of the world. The radio frequency identification system is used as node identification mechanism in the Internet of Thing networks. Since Internet of Things involve wireless channel for communication that is open for all types of malicious adversaries, therefore many security protocols have been proposed to ensure encryption over wireless channel. To reduce the overall cost of radio frequency identification enabled Internet of Thing network security, the researchers use simple bitwise logical operations such as XOR, AND, OR, and Rot and have proposed many ultralightweight mutual authentication protocols. However, almost all the previously proposed protocols were later found to be vulnerable against several attack models. Recently, a new ultralightweight mutual authentication protocol has been proposed which involves only XOR and Rotation functions in its design and claimed to be robust against all possible attack models. In this article, we have performed cryptanalysis of this recently proposed ultralightweight mutual authentication protocol and found many pitfalls and vulnerabilities in the protocol design. We have exploited weak structure of the protocol messages and proposed three attacks against the said protocol: one desynchronization and two full disclosure attacks.

scholarly journals A Lightweight RFID Mutual Authentication Protocol with PUF

Sensors ◽  
2019 ◽  
Vol 19 (13) ◽  
pp. 2957 ◽  
Author(s):  
Feng Zhu ◽  
Peng Li ◽  
He Xu ◽  
Ruchuan Wang
Keyword(s):  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Large Scale ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Security And Privacy ◽  
Great Loss ◽  
Physically Unclonable Functions ◽  
Frequency Identification ◽  
Mutual Authentication Protocol

Radio frequency identification is one of the key techniques for Internet of Things, which has been widely adopted in many applications for identification. However, there exist various security and privacy issues in radio frequency identification (RFID) systems. Particularly, one of the most serious threats is to clone tags for the goal of counterfeiting goods, which causes great loss and danger to customers. To solve these issues, lots of authentication protocols are proposed based on physical unclonable functions that can ensure an anti-counterfeiting feature. However, most of the existing schemes require secret parameters to be stored in tags, which are vulnerable to physical attacks that can further lead to the breach of forward secrecy. Furthermore, as far as we know, none of the existing schemes are able to solve the security and privacy problems with good scalability. Since many existing schemes rely on exhaustive searches of the backend server to validate a tag and they are not scalable for applications with a large scale database. Hence, in this paper, we propose a lightweight RFID mutual authentication protocol with physically unclonable functions (PUFs). The performance analysis shows that our proposed scheme can ensure security and privacy efficiently in a scalable way.

scholarly journals Cloud-based radio frequency identification authentication protocol with location privacy protection

2018 ◽  
Vol 14 (1) ◽  
pp. 155014771875496
Author(s):  
Qingkuan Dong ◽  
Mengmeng Chen ◽  
Lulu Li ◽  
Kai Fan
Keyword(s):  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Cloud Storage ◽  
Location Privacy ◽  
Mutual Authentication ◽  
Cloud Service ◽  
Authentication Protocol ◽  
Identification System ◽  
Cloud Service Provider ◽  
Frequency Identification

With the development of the Internet of things and cloud storage, a large number of objects access to the Internet through radio frequency identification technology, cloud-based radio frequency identification system attracts more attention because it can reduce the costs of system maintenance by renting the cloud storage service on demand. Especially, it is very suitable for the small- and medium-sized enterprises. However, the security and privacy issues of the cloud-based radio frequency identification system are more serious than traditional radio frequency identification systems. The link between the reader and the cloud is no longer secure, and the cloud service provider is not trusted. Both the location privacy of the reader and the data privacy of the radio frequency identification system are not able to be exposed to the cloud service provider. In this article, a cloud-based radio frequency identification authentication protocol is proposed. It considers not only the mutual authentication between the reader and the tag, but also the security of data transmission between the reader and the cloud database. In particular, in order to solve the reader’s location privacy problem, the proposed scheme introduces MIPv6 network framework without adding additional infrastructure. The experimental verification with AVISPA tool shows that the protocol satisfies the mutual authentication property. Compared with other cloud-based schemes, the proposed protocol has obvious advantages in deployment cost, scalability, real-time authentication, and the tag’s computational complexity.

Super lightweight mobile RFID authentication protocol for bit replacement operation

2020 ◽  
pp. 1-15
Author(s):  
Yubao Hou ◽  
Hua Liang ◽  
Juan liu
Keyword(s):  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Authentication Protocol ◽  
Wireless Channel ◽  
Identification System ◽  
Rfid Systems ◽  
Rfid System ◽  
Frequency Identification ◽  
Replacement Operation ◽  
Mobile Rfid

In the traditional RFID (Radio Frequency IDentification) system, a secure wired channel communication is used between the reader and the server. The newly produced mobile RFID system is different from the traditional RFID system, the communication between the reader and the server is based on a wireless channel, and the authentication protocol is suitable for traditional RFID systems, but it cannot be used in mobile RFID systems. To solve this problem, a mutual authentication protocol MSB (Most Significant Bit) for super lightweight mobile radio frequency identification system is proposed based on bit replacement operation. MSB is a bitwise operation to encrypt information and reduce the computational load of communication entities. Label, readers, and servers authenticate first and then communicate, MSB may be used to resistant to common attacks. The security analysis of the protocol shows that the protocol has high security properties, the performance analysis of the protocol shows that the protocol has the characteristics of low computational complexity, the formal analysis of the protocol based on GNY logic Gong et al. (1990) provides a rigorous reasoning proof process for the protocol.

scholarly journals Cost and Lightweight Modeling Analysis of RFID Authentication Protocols in Resource Constraint Internet of Things

2017 ◽  
Vol 10 (3) ◽  
pp. 179
Author(s):  
Adarsh Kumar ◽  
Krishna Gopal ◽  
Alok Aggarwal
Keyword(s):  
Internet Of Things ◽  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Resource Constraint ◽  
Authentication Protocols ◽  
Pervasive Environment ◽  
Rfid Authentication Protocols ◽  
Mutual Authentication Protocol

Internet of Things (IoT) is a pervasive environment to interconnect the things like: smart objects, devices etc. in a structure like internet. Things can be interconnected in IoT if these are uniquely addressable and identifiable. Radio Frequency Identification (RFID) is one the important radio frequency based addressing scheme in IoT. Major security challenge in resource constraint RFID networks is how to achieve traditional CIA security i.e. Confidentiality, Integrity and Authentication. Computational and communication costs for Lightweight Mutual Authentication Protocol (LMAP), RFID mutual Authentication Protocol with Permutation (RAPP) and kazahaya authentication protocols are analyzed. These authentication protocols are modeled to analyze the delays using lightweight modeling language. Delay analysis is performed using alloy model over LMAP, RAPP and kazahaya authentication protocols where one datacenter (DC) is connected to different number of readers (1,5 or 10) with connectivity to 1, 5 or 25 tags associated with reader and its results show that for LMAP delay varies from 30-156 msec, for RAPP from 31-188 while for kazahaya from 61-374 msec. Further, performance of RFID authentication protocols is analyzed for group construction through more than one DC (1,5 or 10) with different number of readers (10, 50 or 100) and tags associated with these readers (50, 500, 1000) and results show that DC based binary tree topology with LMAP authentication protocol is having a minimum delay for 50 or 100 readers. Other authentication protocols fail to give authentication results because of large delays in the network. Thus, RAPP and Kazahaya are not suitable for scenarios where there is large amount of increase in number of tags or readers.

RFID Authentication and Communication Protocol Based on the Dynamic Active Tag ID and Key

2013 ◽  
Vol 336-338 ◽  
pp. 1913-1919
Author(s):  
Xiao Hong Zhang ◽  
Hui Qin Wang ◽  
He Bo
Keyword(s):  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Communication Protocol ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Replay Attack ◽  
Active Rfid ◽  
Frequency Identification

The reliability of Radio Frequency Identification (RFID) mechanism is disturbed by illegal tracking and information intercepted.The paper proposed a new active RFID authentication protocol based on the dynamic tag ID and encryption key,which transforms the tag ID using chaotic transformation during authentication and communication between the reader and tags,and realizes mutual authentication of the reader and tags.Through the analysis of security, the protocol not only can ensure the integrity, fresh and confidentiality of data, but also can effectively prevent illegal tracking labels and replay attack.

RFID Mutual Authentication Protocol Based on Chaos Key

2013 ◽  
Vol 846-847 ◽  
pp. 1519-1523
Author(s):  
Nan Zhang ◽  
Jian Hua Zhang ◽  
Jun Yang
Keyword(s):  
Radio Frequency Identification ◽  
Low Cost ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Secret Key ◽  
Security Issues ◽  
Hash Algorithm ◽  
Frequency Identification ◽  
Chaos Sequences ◽  
Mutual Authentication Protocol

While radio frequency identification (RFID) is evolving as a major technology enabler for identifying and tracking goods and assets around the world, its security issues are also increasingly exposed. A Hash-based RFID mutual authentication protocol was put forward. The key was joined into the hash algorithm, and chaos sequences were used to update the key. The protocol enhances the security of the RFID system with low cost. Experiments show that the chaos system has the character of initial value sensitivity, which can be used to distribute and update the secret key. Safety analysis show that the mutual authentication protocol can solve security issues including eavesdropping, illegal access, masquerade, spoofing attack, position tracking.

scholarly journals IoT Device Security: Challenging “A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function”

Sensors ◽  
2018 ◽  
Vol 18 (12) ◽  
pp. 4444 ◽  
Author(s):  
Ygal Bendavid ◽  
Nasour Bagheri ◽  
Masoumeh Safkhani ◽  
Samad Rostampour
Keyword(s):  
Radio Frequency Identification ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Protocol ◽  
Security Protocol ◽  
Physical Unclonable Function ◽  
Security Risks ◽  
Processing Power ◽  
Frequency Identification ◽  
Mutual Authentication Protocol

With the exponential increase of Internet of things (IoT) connected devices, important security risks are raised as any device could be used as an attack channel. This preoccupation is particularly important with devices featuring limited processing power and memory capabilities for security purposes. In line with this idea, Xu et al. (2018) proposed a lightweight Radio Frequency Identification (RFID) mutual authentication protocol based on Physical Unclonable Function (PUF)—ensuring mutual tag-reader verification and preventing clone attacks. While Xu et al. claim that their security protocol is efficient to protect RFID systems, we found it still vulnerable to a desynchronization attack and to a secret disclosure attack. Hence, guidelines for the improvements to the protocol are also suggested, for instance by changing the structure of the messages to avoid trivial attacks. In addition, we provide an explicit protocol for which our formal and informal security analysis have found no weaknesses.

Sign in / Sign up

Export Citation Format

Share Document