scholarly journals A Strong Lightweight Authentication Protocol for Low-cost RFID Systems

2014 ◽  
Vol 8 (6) ◽  
pp. 225-234 ◽  
Author(s):  
Zhicai Shi ◽  
Josef Pieprzyk ◽  
Christophe Doche ◽  
Yongxiang Xia ◽  
Yu Zhang ◽  
...  
Keyword(s):  
Low Cost ◽  
Authentication Protocol ◽  
Rfid Systems ◽  
Lightweight Authentication

scholarly journals Securing IoT Based RFID Systems: A Robust Authentication Protocol Using Symmetric Cryptography

2019 ◽  
Author(s):  
Khwaja Mansoor ◽  
Anwar Ghani ◽  
Shehzad Ashraf Chaudhry ◽  
Shahaboddin Shamshirband ◽  
Shahbaz Ahmed Khan Ghayyur ◽  
...  
Keyword(s):  
Radio Frequency Identification ◽  
Communication Complexity ◽  
Low Cost ◽  
Denial Of Service ◽  
Authentication Protocol ◽  
Identification System ◽  
Radio Waves ◽  
Bar Code ◽  
Rfid Systems ◽  
Lightweight Authentication

Radio Frequency Identification (RFID) devices use radio waves to relay identifying information to an electronic reader using low-cost RFID Tag. RFID is expected to replace the conventional bar-code identification system due to its advantage like real-time recognition of a considerable number of objects. However, in RFID systems an attacker can get the tag that may lead to various security threats, and the limited computation power of RFID tags can cause delay. Lightweight authentication protocols proposed using cryptographic algorithms (one-way hash function, symmetric key encryption/decryption, and exclusive-OR) in order to cope with these problems. One such lightweight cryptographic protocol has been presented by Gope and Hwang using RFID systems. However, it analyzed in this article that their protocol is infeasible and vulnerable to Collision Attack, Denial-of-service (DoS), and Stolen verifier Attacks. A realistic, lightweight authentication protocol has been presented in this article to ensure protection against the mentioned attacks for IoT based RFID system. The proposed protocol has been formally analyzed using BAN logic and ProVerif as well as also analyzed informally using security requirement. The results show that the proposed protocol outperforms the existing protocols not only in security enhancements but also in terms of computation and communication complexity. Furthermore, the proposed protocol has also been analyzed for storage complexity.

scholarly journals Securing IoT-Based RFID Systems: A Robust Authentication Protocol Using Symmetric Cryptography

Sensors ◽  
2019 ◽  
Vol 19 (21) ◽  
pp. 4752 ◽  
Author(s):  
Khwaja Mansoor ◽  
Anwar Ghani ◽  
Shehzad Chaudhry ◽  
Shahaboddin Shamshirband ◽  
Shahbaz Ghayyur ◽  
...  
Keyword(s):  
Radio Frequency Identification ◽  
Denial Of Service ◽  
Authentication Protocol ◽  
Open Architecture ◽  
Attack Model ◽  
Rfid Systems ◽  
Frequency Identification ◽  
The Many ◽  
Lightweight Authentication ◽  
Exclusive Or

Despite the many conveniences of Radio Frequency Identification (RFID) systems, the underlying open architecture for communication between the RFID devices may lead to various security threats. Recently, many solutions were proposed to secure RFID systems and many such systems are based on only lightweight primitives, including symmetric encryption, hash functions, and exclusive OR operation. Many solutions based on only lightweight primitives were proved insecure, whereas, due to resource-constrained nature of RFID devices, the public key-based cryptographic solutions are unenviable for RFID systems. Very recently, Gope and Hwang proposed an authentication protocol for RFID systems based on only lightweight primitives and claimed their protocol can withstand all known attacks. However, as per the analysis in this article, their protocol is infeasible and is vulnerable to collision, denial-of-service (DoS), and stolen verifier attacks. This article then presents an improved realistic and lightweight authentication protocol to ensure protection against known attacks. The security of the proposed protocol is formally analyzed using Burrows Abadi-Needham (BAN) logic and under the attack model of automated security verification tool ProVerif. Moreover, the security features are also well analyzed, although informally. The proposed protocol outperforms the competing protocols in terms of security.

scholarly journals Security of an RFID Based Authentication Protocol with Bitwise Operations for Supply Chain

2021 ◽  
Author(s):  
Muhammad Arslan Akram ◽  
Adnan Noor Mian
Keyword(s):  
Supply Chain ◽  
Low Cost ◽  
Authentication Protocol ◽  
Rfid Tags ◽  
Authentication Protocols ◽  
Physically Unclonable Functions ◽  
Lightweight Authentication ◽  
Secure Authentication ◽  
Bitwise Operations

Abstract Due to the stringent computational capabilities of low-cost RFID tags, several lightweight secure authentication protocols have been proposed for an RFID-based supply chain using bitwise operations. In this paper, we study the vulnerabilities associated with bitwise operations by doing cryptanalysis of a secure lightweight authentication protocol for RFID tags. The bitwise operations like rotation and XOR show that the protocol is vulnerable to tag, reader, and supply chain node impersonation attacks. We find that the major cause of the vulnerability is bitwise operations and suggest using the physically unclonable functions rather than bitwise operations to secure such lightweight protocols.

Impersonation Attack on RFID Authentication Protocol and its Countermeasures

2011 ◽  
Vol 467-469 ◽  
pp. 1787-1792
Author(s):  
Yung Cheng Lee
Keyword(s):  
Low Cost ◽  
Authentication Protocol ◽  
Impersonation Attack ◽  
Replay Attack ◽  
Privacy And Security ◽  
Rfid Systems ◽  
Authentication Mechanism ◽  
Security Service ◽  
Security Properties ◽  
Tag Impersonation

Due to the well-developed technology and its variety of applications, the Radio Frequency Identifications (RFIDs) are widespread in a broad range of markets. In many applications, the RFID systems need security service such as authentication mechanism to identify tag and resist possible attacks. In 2008, Song et al. proposed a RFID authentication protocol for low-cost tags. Their protocol has the merits of privacy and security properties, and it can stand tag impersonation attack, replay attack, and backward/forward traceability. In this article, we show that their protocol cannot resist server impersonation attack as they declared. An adversary can successfully impersonate as a server to send fake message for verification. We also present countermeasures to fix the flaw. The performance of the improved mechanisms is the same as that of Song et al.’s protocol while the server impersonation attack is avoided.

scholarly journals On the Security of Rotation Operation Based Ultra-Lightweight Authentication Protocols for RFID Systems

2018 ◽  
Vol 10 (9) ◽  
pp. 82
Author(s):  
Masoumeh Safkhani ◽  
Nasour Bagheri ◽  
Mahyar Shariat
Keyword(s):  
Radio Frequency Identification ◽  
Success Probability ◽  
Authentication Protocol ◽  
Rfid Tags ◽  
Rfid Systems ◽  
Frequency Identification ◽  
Lightweight Authentication ◽  
The Given ◽  
Rotation Function ◽  
Lightweight Encryption

Passive Radio Frequency IDentification (RFID) tags are generally highly constrained and cannot support conventional encryption systems to meet the required security. Hence, designers of security protocols may try to achieve the desired security only using limited ultra-lightweight operations. In this paper, we show that the security of such protocols is not provided by using rotation functions. In the following, for an example, we investigate the security of an RFID authentication protocol that has been recently developed using rotation function named ULRAS, which stands for an Ultra-Lightweight RFID Authentication Scheme and show its security weaknesses. More precisely, we show that the ULRAS protocol is vulnerable against de-synchronization attack. The given attack has the success probability of almost ‘1’, with the complexity of only one session of the protocol. In addition, we show that the given attack can be used as a traceability attack against the protocol if the parameters’ lengths are an integer power of 2, e.g., 128. Moreover, we propose a new authentication protocol named UEAP, which stands for an Ultra-lightweight Encryption based Authentication Protocol, and then informally and formally, using Scyther tool, prove that the UEAP protocol is secure against all known active and passive attacks.

Sign in / Sign up

Export Citation Format

Share Document