A Set of Efficient Privacy Protection Enforcing Lightweight Authentication Protocols for Low-Cost RFID Tags

Physically Unclonable Functions ◽

Lightweight Authentication ◽

Secure Authentication ◽

Bitwise Operations

Abstract Due to the stringent computational capabilities of low-cost RFID tags, several lightweight secure authentication protocols have been proposed for an RFID-based supply chain using bitwise operations. In this paper, we study the vulnerabilities associated with bitwise operations by doing cryptanalysis of a secure lightweight authentication protocol for RFID tags. The bitwise operations like rotation and XOR show that the protocol is vulnerable to tag, reader, and supply chain node impersonation attacks. We find that the major cause of the vulnerability is bitwise operations and suggest using the physically unclonable functions rather than bitwise operations to secure such lightweight protocols.

Comparative Study on Various Authentication Protocols in Wireless Sensor Networks

The Scientific World JOURNAL ◽

10.1155/2016/6854303 ◽

2016 ◽

Vol 2016 ◽

pp. 1-16 ◽

Cited By ~ 7

Author(s):

S. Raja Rajeswari ◽

V. Seenivasagam

Keyword(s):

Wireless Sensor Networks ◽

Sensor Networks ◽

Key Management ◽

Low Cost ◽

Wireless Sensor ◽

Security Services ◽

Management Schemes ◽

Active Research ◽

Wireless sensor networks (WSNs) consist of lightweight devices with low cost, low power, and short-ranged wireless communication. The sensors can communicate with each other to form a network. In WSNs, broadcast transmission is widely used along with the maximum usage of wireless networks and their applications. Hence, it has become crucial to authenticate broadcast messages. Key management is also an active research topic in WSNs. Several key management schemes have been introduced, and their benefits are not recognized in a specific WSN application. Security services are vital for ensuring the integrity, authenticity, and confidentiality of the critical information. Therefore, the authentication mechanisms are required to support these security services and to be resilient to distinct attacks. Various authentication protocols such as key management protocols, lightweight authentication protocols, and broadcast authentication protocols are compared and analyzed for all secure transmission applications. The major goal of this survey is to compare and find out the appropriate protocol for further research. Moreover, the comparisons between various authentication techniques are also illustrated.

A Revised Serverless Authentication Protocol with Forward Security for RFID

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.29-32.2267 ◽

2010 ◽

Vol 29-32 ◽

pp. 2267-2272

Author(s):

Lei He ◽

Yong Gan ◽

Na Na Li ◽

Tao Zhang

Keyword(s):

Computational Complexity ◽

Information Security ◽

Privacy Protection ◽

Authentication Protocol ◽

Forward Security ◽

Rfid System ◽

Security Problem ◽

Information security problem has become one of the hottest issues in RFID system. More and more researchers begin to study how to provide security protection in the RFID system. In the paper, we mainly research lightweight authentication protocols in RFID system. Firstly, we analyze some protocols. Secondly, we introduce a serverless authentication protocol for RFID system and analyze its security. We find it does not provide forward security. Thirdly, we propose a revised serverless authentication protocol with forward security. It provides two-way authentication and privacy protection, resists tracking and cloning attack as well as the original protocol. Moreover, it provides forward security protection and resists desynchronization attack. For the efficiency, its computational complexity is at the same level with the protocol proposed by Tan et al.

Achieving protection against man-in-the-middle attack in HB family protocols implemented in RFID tags

International Journal of Pervasive Computing and Communications ◽

10.1108/ijpcc-03-2016-0015 ◽

2016 ◽

Vol 12 (3) ◽

pp. 375-390 ◽

Cited By ~ 1

Author(s):

Aisha Aseeri ◽

Omaimah Bamasag

Keyword(s):

Radio Frequency Identification ◽

Resource Constraints ◽

Low Cost ◽

Rfid Tags ◽

Formal Proofs ◽

Content Type ◽

Security Issues ◽

Man In The Middle ◽

Identification Tags ◽

Purpose In the past few years, HB-like protocols have gained much attention in the field of lightweight authentication protocols due to their efficient functioning and large potential applications in low-cost radio frequency identification tags, which are on the other side spreading so fast. However, most published HB protocols are vulnerable to man-in-the-middle attacks such as GRS or OOV attacks. The purpose of this research is to investigate security issues pertaining to HB-like protocols with an aim of improving their security and efficiency. Design/methodology/approach In this paper, a new and secure variant of HB family protocols named HB-MP* is proposed and designed, using the techniques of random rotation. The security of the proposed protocol is proven using formal proofs. Also, a prototype of the protocol is implemented to check its applicability, test the security in implementation and to compare its performance with the most related protocol. Findings The HB-MP* protocol is found secure against passive and active adversaries and is implementable within the tight resource constraints of today’s EPC-type RFID tags. Accordingly, the HB-MP* protocol provides higher security than previous HB-like protocols without sacrificing performance. Originality/value This paper proposes a new HB variant called HB-MP* that tries to be immune against the pre-mentioned attacks and at the same time keeping the simple structure. It will use only lightweight operations to randomize the rotation of the secret.

A Forward Secure RFID Privacy Protection Scheme with Two-Way Authentication

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.29-32.2262 ◽

2010 ◽

Vol 29-32 ◽

pp. 2262-2266

Author(s):

Yong Gan ◽

Lei He ◽

Tao Zhang ◽

Na Na Li

Keyword(s):

Information Security ◽

Privacy Protection ◽

Low Cost ◽

Forward Security ◽

Protection Scheme ◽

Rfid System ◽

Security Problem

RFID has become an important infrastructure technology. However, it does not solve information security problem. An adversary can eavesdrop on the messages exchanged between tag and backend database and track tag’s holder. Many scholars have proposed some lightweight protocols in order to protect user’s privacy and avoid various attacks. In this paper, we analyze some authentication protocols. Especially, we analyze a forward secure RFID privacy protection scheme proposed by Ohkubo et al. Afterwards, we propose an improved protection scheme with two-way authentication. It is lightweight and suitable for low-cost RFID system. Moreover, it not only provides indistinguishability and forward security but also provides two-way authentication.

A Privacy-preserving Lightweight Authentication Protocol for Low-Cost RFID Tags

MILCOM 2007 - IEEE Military Communications Conference ◽

10.1109/milcom.2007.4454918 ◽

2007 ◽

Cited By ~ 12

Author(s):

Shucheng Yu ◽

Kui Ren ◽

Wenjing Lou

Keyword(s):

Low Cost ◽

Privacy Preserving ◽

Authentication Protocol ◽

Rfid Tags ◽

An efficient and privacy protection multi-server authentication scheme for low-cost RFID tags

2010 International Computer Symposium (ICS2010) ◽

10.1109/compsym.2010.5685502 ◽

2010 ◽

Cited By ~ 1

Author(s):

Wen-Shenq Juang ◽

Hui-Chin Tseng ◽

Yun-Yu Shue

Keyword(s):

Privacy Protection ◽

Low Cost ◽

Authentication Scheme ◽

Rfid Tags ◽

Multi Server

A Modified Two-Way Authentication Protocol without Server for RFID

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.29-32.2709 ◽

2010 ◽

Vol 29-32 ◽

pp. 2709-2713

Author(s):

Xin Mei Lu ◽

Lei He

Keyword(s):

Computational Complexity ◽

Information Security ◽

Privacy Protection ◽

Authentication Protocol ◽

Rfid System ◽

Secure Protocol ◽

It is necessary for researchers to design lightweight authentication protocols to protect information security between tag and reader in RFID system. It is a great challenge to design an efficient and secure protocol because the tag has limited computation resource. In the paper, we firstly analyze some protocols. Secondly, we introduce a serverless authentication protocol for RFID system and analyze its security. We find it does not provide two-way authentication. Thirdly, we propose a modified two-way authentication protocol without server for RFID. The result indicates it provides privacy protection, resists tracking, and resists cloning attack. Moreover, it provides two-way authentication. For the efficiency, we think the computational complexity of our protocol is at the same level with the original protocol.