Security of an RFID Based Authentication Protocol with Bitwise Operations for Supply Chain

Physically Unclonable Functions ◽

Lightweight Authentication ◽

Secure Authentication ◽

Bitwise Operations

Abstract Due to the stringent computational capabilities of low-cost RFID tags, several lightweight secure authentication protocols have been proposed for an RFID-based supply chain using bitwise operations. In this paper, we study the vulnerabilities associated with bitwise operations by doing cryptanalysis of a secure lightweight authentication protocol for RFID tags. The bitwise operations like rotation and XOR show that the protocol is vulnerable to tag, reader, and supply chain node impersonation attacks. We find that the major cause of the vulnerability is bitwise operations and suggest using the physically unclonable functions rather than bitwise operations to secure such lightweight protocols.

A Set of Efficient Privacy Protection Enforcing Lightweight Authentication Protocols for Low-Cost RFID Tags

2015 IEEE Trustcom/BigDataSE/ISPA ◽

10.1109/trustcom.2015.426 ◽

2015 ◽

Author(s):

Pierre-Francois Bonnefoi ◽

Pierre Dusart ◽

Damien Sauveron ◽

Raja Naeem Akram ◽

Konstantinos Markantonakis

Keyword(s):

Privacy Protection ◽

Low Cost ◽

Rfid Tags ◽

A Privacy-preserving Lightweight Authentication Protocol for Low-Cost RFID Tags

MILCOM 2007 - IEEE Military Communications Conference ◽

10.1109/milcom.2007.4454918 ◽

2007 ◽

Cited By ~ 12

Author(s):

Shucheng Yu ◽

Kui Ren ◽

Wenjing Lou

Keyword(s):

Low Cost ◽

Privacy Preserving ◽

Authentication Protocol ◽

Rfid Tags ◽

Lecture Notes in Computer Science - Information Security Theory and Practice. Security of Mobile and Cyber-Physical Systems ◽

Lightweight Authentication Protocol for Low-Cost RFID Tags

10.1007/978-3-642-38530-8_9 ◽

2013 ◽

pp. 129-144 ◽

Cited By ~ 4

Author(s):

Pierre Dusart ◽

Sinaly Traoré

Keyword(s):

Low Cost ◽

Authentication Protocol ◽

Rfid Tags ◽

Advances in Computer and Electrical Engineering - Advancing Consumer-Centric Fog Computing Architectures ◽

Secure Data Integrity Protocol for Fog Computing Environment

10.4018/978-1-5225-7149-0.ch007 ◽

2019 ◽

pp. 126-144

Author(s):

Kashif Munir ◽

Lawan Ahmed Mohammed

Keyword(s):

Internet Of Things ◽

Low Cost ◽

Fog Computing ◽

Authentication Protocol ◽

Smart Device ◽

Computing Environment ◽

Iot Devices ◽

Secure Authentication ◽

Distributed Infrastructure

Fog computing is a distributed infrastructure in which certain application processes or services are managed at the edge of the network by a smart device. Fog systems are capable of processing large amounts of data locally, operate on-premise, are fully portable, and can be installed on heterogeneous hardware. These features make the fog platform highly suitable for time and location-sensitive applications. For example, internet of things (IoT) devices are required to quickly process a large amount of data. The significance of enterprise data and increased access rates from low-resource terminal devices demand reliable and low-cost authentication protocols. Lots of researchers have proposed authentication protocols with varied efficiencies. As a part of this chapter, the authors propose a secure authentication protocol that is strongly secure and best suited for the fog computing environment.

Comparative Study on Various Authentication Protocols in Wireless Sensor Networks

The Scientific World JOURNAL ◽

10.1155/2016/6854303 ◽

2016 ◽

Vol 2016 ◽

pp. 1-16 ◽

Cited By ~ 7

Author(s):

S. Raja Rajeswari ◽

V. Seenivasagam

Keyword(s):

Wireless Sensor Networks ◽

Sensor Networks ◽

Key Management ◽

Low Cost ◽

Wireless Sensor ◽

Security Services ◽

Management Schemes ◽

Active Research ◽

Wireless sensor networks (WSNs) consist of lightweight devices with low cost, low power, and short-ranged wireless communication. The sensors can communicate with each other to form a network. In WSNs, broadcast transmission is widely used along with the maximum usage of wireless networks and their applications. Hence, it has become crucial to authenticate broadcast messages. Key management is also an active research topic in WSNs. Several key management schemes have been introduced, and their benefits are not recognized in a specific WSN application. Security services are vital for ensuring the integrity, authenticity, and confidentiality of the critical information. Therefore, the authentication mechanisms are required to support these security services and to be resilient to distinct attacks. Various authentication protocols such as key management protocols, lightweight authentication protocols, and broadcast authentication protocols are compared and analyzed for all secure transmission applications. The major goal of this survey is to compare and find out the appropriate protocol for further research. Moreover, the comparisons between various authentication techniques are also illustrated.

A Secure Authentication Infrastructure for Mobile Users

Advances in Security and Payment Methods for Mobile Commerce ◽

10.4018/978-1-59140-345-6.ch004 ◽

2011 ◽

pp. 56-80

Author(s):

Gregor V. Bochmann ◽

Eric Zhen Zhang

Keyword(s):

Electronic Commerce ◽

Authentication Protocol ◽

Security Requirements ◽

Mobile Users ◽

Its Analysis ◽

Trust Relationships ◽

Authentication Schemes ◽

Access Rights ◽

Secure Authentication

The requirements for an authentication infrastructure for electronic commerce are explained by identifying the partners involved in e-commerce transactions and the trust relationships required. Related security requirements are also explained, such as authentication, access rights, payment credentials, anonymity (in certain cases), and privacy and integrity of message exchanges. Then several general authentication schemes and specific protocols are reviewed and their suitability for mobile users is discussed. Finally, an improved authentication protocol is presented which can provide trust relationships for mobile e-commerce users. Its analysis and comparison with other proposed authentication protocols indicate that it is a good candidate for use in the context of mobile e-commerce.

Cryptanalysis of Sulma, An Ultralightweight Mutual Authentication Protocol for Low-Cost RFID Tags

International Journal of UbiComp ◽

10.5121/iju.2011.2402 ◽

2011 ◽

Vol 2 (4) ◽

pp. 15-25

Author(s):

Mahdi Azizi ◽

Nasour Bagheri

Keyword(s):

Low Cost ◽

Mutual Authentication ◽

Authentication Protocol ◽

Rfid Tags ◽

Mutual Authentication Protocol

A hidden mutual authentication protocol for low-cost RFID tags

International Journal of Communication Systems ◽

10.1002/dac.1222 ◽

2011 ◽

pp. n/a-n/a ◽

Cited By ~ 2

Author(s):

Jung-Shian Li ◽

Kun-Hsuan Liu

Keyword(s):

Low Cost ◽

Mutual Authentication ◽

Authentication Protocol ◽

Rfid Tags ◽

Mutual Authentication Protocol

A Revised Serverless Authentication Protocol with Forward Security for RFID

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.29-32.2267 ◽

2010 ◽

Vol 29-32 ◽

pp. 2267-2272

Author(s):

Lei He ◽

Yong Gan ◽

Na Na Li ◽

Tao Zhang

Keyword(s):

Computational Complexity ◽

Information Security ◽

Privacy Protection ◽

Authentication Protocol ◽

Forward Security ◽

Rfid System ◽

Security Problem ◽

Information security problem has become one of the hottest issues in RFID system. More and more researchers begin to study how to provide security protection in the RFID system. In the paper, we mainly research lightweight authentication protocols in RFID system. Firstly, we analyze some protocols. Secondly, we introduce a serverless authentication protocol for RFID system and analyze its security. We find it does not provide forward security. Thirdly, we propose a revised serverless authentication protocol with forward security. It provides two-way authentication and privacy protection, resists tracking and cloning attack as well as the original protocol. Moreover, it provides forward security protection and resists desynchronization attack. For the efficiency, its computational complexity is at the same level with the protocol proposed by Tan et al.

Achieving protection against man-in-the-middle attack in HB family protocols implemented in RFID tags

International Journal of Pervasive Computing and Communications ◽

10.1108/ijpcc-03-2016-0015 ◽

2016 ◽

Vol 12 (3) ◽

pp. 375-390 ◽

Cited By ~ 1

Author(s):

Aisha Aseeri ◽

Omaimah Bamasag

Keyword(s):

Radio Frequency Identification ◽

Resource Constraints ◽

Low Cost ◽

Rfid Tags ◽

Formal Proofs ◽

Content Type ◽

Security Issues ◽

Man In The Middle ◽

Identification Tags ◽

Purpose In the past few years, HB-like protocols have gained much attention in the field of lightweight authentication protocols due to their efficient functioning and large potential applications in low-cost radio frequency identification tags, which are on the other side spreading so fast. However, most published HB protocols are vulnerable to man-in-the-middle attacks such as GRS or OOV attacks. The purpose of this research is to investigate security issues pertaining to HB-like protocols with an aim of improving their security and efficiency. Design/methodology/approach In this paper, a new and secure variant of HB family protocols named HB-MP* is proposed and designed, using the techniques of random rotation. The security of the proposed protocol is proven using formal proofs. Also, a prototype of the protocol is implemented to check its applicability, test the security in implementation and to compare its performance with the most related protocol. Findings The HB-MP* protocol is found secure against passive and active adversaries and is implementable within the tight resource constraints of today’s EPC-type RFID tags. Accordingly, the HB-MP* protocol provides higher security than previous HB-like protocols without sacrificing performance. Originality/value This paper proposes a new HB variant called HB-MP* that tries to be immune against the pre-mentioned attacks and at the same time keeping the simple structure. It will use only lightweight operations to randomize the rotation of the secret.