scholarly journals Survey: Vulnerability Analysis of Low-Cost ECC-Based RFID Protocols against Wireless and Side-Channel Attacks

Sensors ◽  
2021 ◽  
Vol 21 (17) ◽  
pp. 5824
Author(s):  
Souhir Gabsi ◽  
Vincent Beroulle ◽  
Yann Kieffer ◽  
Hiep Manh Dao ◽  
Yassin Kortli ◽  
...  
Keyword(s):  
Radio Frequency Identification ◽  
Data Transfer ◽  
Low Cost ◽  
Mutual Authentication ◽  
Side Channel ◽  
Authentication Protocols ◽  
Side Channel Attacks ◽  
Advantages And Disadvantages ◽  
Rfid System ◽  
Rfid Authentication Protocols

The radio frequency identification (RFID) system is one of the most important technologies of the Internet of Things (IoT) that tracks single or multiple objects. This technology is extensively used and attracts the attention of many researchers in various fields, including healthcare, supply chains, logistics, asset tracking, and so on. To reach the required security and confidentiality requirements for data transfer, elliptic curve cryptography (ECC) is a powerful solution, which ensures a tag/reader mutual authentication and guarantees data integrity. In this paper, we first review the most relevant ECC-based RFID authentication protocols, focusing on their security analysis and operational performances. We compare the various lightweight ECC primitive implementations designed for RFID applications in terms of occupied area and power consumption. Then, we highlight the security threats that can be encountered considering both network attacks and side-channel attacks and analyze the security effectiveness of RFID authentication protocols against such types of attacks. For this purpose, we classify the different threats that can target an ECC-based RFID system. After that, we present the most promising ECC-based protocols released during 2014–2021 by underlining their advantages and disadvantages. Finally, we perform a comparative study between the different protocols mentioned regarding network and side-channel attacks, as well as their implementation costs to find the optimal one to use in future works.

scholarly journals SLEC: A Novel Serverless RFID Authentication Protocol Based on Elliptic Curve Cryptography

Electronics ◽  
2019 ◽  
Vol 8 (10) ◽  
pp. 1166
Author(s):  
Rania Baashirah ◽  
Abdelshakour Abuzneid
Keyword(s):  
Elliptic Curve ◽  
Radio Frequency Identification ◽  
Elliptic Curve Cryptography ◽  
Secure Communication ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
New Paradigm ◽  
Authentication Protocols ◽  
Rfid System ◽  
Setup Phase

Internet of Things (IoT) is a new paradigm that has been evolving into the wireless sensor networks to expand the scope of networked devices (or things). This evolution drives communication engineers to design secure and reliable communication at a low cost for many network applications such as radio frequency identification (RFID). In the RFID system, servers, readers, and tags communicate wirelessly. Therefore, mutual authentication is necessary to ensure secure communication. Normally, a central server supports the authentication of readers and tags by distributing and managing the credentials. Recent lightweight RFID authentication protocols have been proposed to satisfy the security features of RFID networks. Using a serverless RFID system is an alternative solution to using a central server. In this model, both the reader and the tag perform mutual authentication without the need for the central server. However, many security challenges arise from implementing lightweight authentication protocols in serverless RFID systems. We propose a new secure serverless RFID authentication protocol based on the famous elliptic curve cryptography (ECC). The protocol also maintains the confidentiality and privacy of the messages, tag information, and location. Although most of the current serverless protocols assume secure channels in the setup phase, we assume an insecure environment during the setup phase between the servers, readers, and tags. We ensure that the credentials can be renewed by any checkpoint server in the mobile RFID network. Thus, we implement ECC in the setup phase (renewal phase), to transmit and store the communication credentials of the server to multiple readers so that the tags can perform the mutual authentication successfully while far from the server. The proposed protocol is compared with other serverless frameworks proposed in the literature in terms of computation cost and attacks resistance.

scholarly journals Cost and Lightweight Modeling Analysis of RFID Authentication Protocols in Resource Constraint Internet of Things

2017 ◽  
Vol 10 (3) ◽  
pp. 179
Author(s):  
Adarsh Kumar ◽  
Krishna Gopal ◽  
Alok Aggarwal
Keyword(s):  
Internet Of Things ◽  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Resource Constraint ◽  
Authentication Protocols ◽  
Pervasive Environment ◽  
Rfid Authentication Protocols ◽  
Mutual Authentication Protocol

Internet of Things (IoT) is a pervasive environment to interconnect the things like: smart objects, devices etc. in a structure like internet. Things can be interconnected in IoT if these are uniquely addressable and identifiable. Radio Frequency Identification (RFID) is one the important radio frequency based addressing scheme in IoT. Major security challenge in resource constraint RFID networks is how to achieve traditional CIA security i.e. Confidentiality, Integrity and Authentication. Computational and communication costs for Lightweight Mutual Authentication Protocol (LMAP), RFID mutual Authentication Protocol with Permutation (RAPP) and kazahaya authentication protocols are analyzed. These authentication protocols are modeled to analyze the delays using lightweight modeling language. Delay analysis is performed using alloy model over LMAP, RAPP and kazahaya authentication protocols where one datacenter (DC) is connected to different number of readers (1,5 or 10) with connectivity to 1, 5 or 25 tags associated with reader and its results show that for LMAP delay varies from 30-156 msec, for RAPP from 31-188 while for kazahaya from 61-374 msec. Further, performance of RFID authentication protocols is analyzed for group construction through more than one DC (1,5 or 10) with different number of readers (10, 50 or 100) and tags associated with these readers (50, 500, 1000) and results show that DC based binary tree topology with LMAP authentication protocol is having a minimum delay for 50 or 100 readers. Other authentication protocols fail to give authentication results because of large delays in the network. Thus, RAPP and Kazahaya are not suitable for scenarios where there is large amount of increase in number of tags or readers.

scholarly journals Security and collision in RFID systems

2021 ◽  
Author(s):  
Mohammed Jameel Hakeem
Keyword(s):  
Radio Frequency Identification ◽  
Time Slot ◽  
Mutual Authentication ◽  
Wireless Channel ◽  
Security And Privacy ◽  
Linear Feedback ◽  
Authentication Protocols ◽  
Frame Size ◽  
Identification Process ◽  
Rfid Authentication Protocols

Abstract Radio Frequency Identification (RFID) is a promising technology to provide automated contactless identification of objects, people and animals. The identification process is performed as the reader receives simultaneous responses from various tags over a shared wireless channel and without no requirement of line-of-sight in the interrogation zone. The communication between the reader and tags is separated into two processes: identification and acknowledgment processes. Both processes suffer from serious drawbacks that limit the proliferation of RFID. Such drawbacks are security and privacy and collision problems. This thesis has two main parts. The first part examines the security and privacy of the existing RFID authentication protocols. We introduced a novel cryptographic scheme, Hacker Proof Authentication Protocol (HPAP) that allows mutual authentication and achieves full security by deploying tag static identifier, updated timestamp, a one-way hash function and encryption keys with randomized update using Linear Feedback Shift Register (LFSR). Cryptanalysis and simulation show that the protocol is secure against various attacks. In comparison with the various existing RFID authentication protocols, our protocol has less computation load, requires less storage, and costs less. The second part focuses on solving RFID collision arbitration imposed by the shared wireless link between a reader and the many tags distributed in the interrogation zone. In most proposed anticollision algorithms, tags reply randomly to the time slots chosen by the reader. Since more than two tags may choose the same time slot in a frame, this Random Access (RA) causes garbled data at the reader side resulting the identification process fails. Towards this challenge, two ALOHA based anti-collision algorithms that adopt a new way for tags to choose their replied time slots to enhance system efficiency are presented. In MBA and LTMBA, tags use modulo function to choose their owned time slot. The difference between the two algorithms relies on the method by which the reader estimates the next frame size. The performance evaluation of the two algorithms shows better performance than previously proposed algorithms in terms of fewer communication rounds and fewer collided/empty slots considering the limitation of the EPCglobal Class-1 Gen-2 standard.

scholarly journals Security and collision in RFID systems

2021 ◽  
Author(s):  
Mohammed Jameel Hakeem
Keyword(s):  
Radio Frequency Identification ◽  
Time Slot ◽  
Mutual Authentication ◽  
Wireless Channel ◽  
Security And Privacy ◽  
Linear Feedback ◽  
Authentication Protocols ◽  
Frame Size ◽  
Identification Process ◽  
Rfid Authentication Protocols

Abstract Radio Frequency Identification (RFID) is a promising technology to provide automated contactless identification of objects, people and animals. The identification process is performed as the reader receives simultaneous responses from various tags over a shared wireless channel and without no requirement of line-of-sight in the interrogation zone. The communication between the reader and tags is separated into two processes: identification and acknowledgment processes. Both processes suffer from serious drawbacks that limit the proliferation of RFID. Such drawbacks are security and privacy and collision problems. This thesis has two main parts. The first part examines the security and privacy of the existing RFID authentication protocols. We introduced a novel cryptographic scheme, Hacker Proof Authentication Protocol (HPAP) that allows mutual authentication and achieves full security by deploying tag static identifier, updated timestamp, a one-way hash function and encryption keys with randomized update using Linear Feedback Shift Register (LFSR). Cryptanalysis and simulation show that the protocol is secure against various attacks. In comparison with the various existing RFID authentication protocols, our protocol has less computation load, requires less storage, and costs less. The second part focuses on solving RFID collision arbitration imposed by the shared wireless link between a reader and the many tags distributed in the interrogation zone. In most proposed anticollision algorithms, tags reply randomly to the time slots chosen by the reader. Since more than two tags may choose the same time slot in a frame, this Random Access (RA) causes garbled data at the reader side resulting the identification process fails. Towards this challenge, two ALOHA based anti-collision algorithms that adopt a new way for tags to choose their replied time slots to enhance system efficiency are presented. In MBA and LTMBA, tags use modulo function to choose their owned time slot. The difference between the two algorithms relies on the method by which the reader estimates the next frame size. The performance evaluation of the two algorithms shows better performance than previously proposed algorithms in terms of fewer communication rounds and fewer collided/empty slots considering the limitation of the EPCglobal Class-1 Gen-2 standard.

RFID Security Authentication Protocol Based on Hash for the Lightweight RFID Systems

2013 ◽  
Vol 380-384 ◽  
pp. 2831-2836
Author(s):  
Hong He ◽  
Qi Li ◽  
Zhi Hong Zhang
Keyword(s):  
Mutual Authentication ◽  
Authentication Protocol ◽  
Authentication Protocols ◽  
Privacy And Security ◽  
Rfid Systems ◽  
Security Authentication ◽  
Rfid System ◽  
Significant Performance ◽  
Rfid Authentication Protocols ◽  
Mutual Authentication Protocol

In order to solve the RFID authentication protocols, a new mutual authentication protocol based on Hash for the lightweight RFID system is proposed in this paper. Compared with several RFID authentication protocols with the similar structure, the proposed protocol can effectively solve the privacy and security of the RFID system, and it has significant performance advantages. It greatly reduces the amount storage and computation of tags.

scholarly journals Survey on Prominent RFID Authentication Protocols for Passive Tags

Sensors ◽  
2018 ◽  
Vol 18 (10) ◽  
pp. 3584 ◽  
Author(s):  
Rania Baashirah ◽  
Abdelshakour Abuzneid
Keyword(s):  
Radio Frequency Identification ◽  
Large Scale ◽  
Security Requirements ◽  
The Internet ◽  
Authentication Protocols ◽  
Reliable System ◽  
Passive Tags ◽  
Frequency Identification ◽  
Rfid Authentication Protocols ◽  
The Internet Of Things

Radio Frequency Identification (RFID) is one of the leading technologies in the Internet of Things (IoT) to create an efficient and reliable system to securely identify objects in many environments such as business, health, and manufacturing areas. Recent RFID authentication protocols have been proposed to satisfy the security features of RFID communication. In this article, we identify and review some of the most recent and enhanced authentication protocols that mainly focus on the authentication between a reader and a tag. However, the scope of this survey includes only passive tags protocols, due to the large scale of the RFID framework. We examined some of the recent RFID protocols in term of security requirements, computation, and attack resistance. We conclude that only five protocols resist all of the major attacks, while only one protocol satisfies all of the security requirements of the RFID system.

scholarly journals Design and Verification of Secure Mutual Authentication Protocols for Mobile Multihop Relay WiMAX Networks against Rogue Base/Relay Stations

2016 ◽  
Vol 2016 ◽  
pp. 1-12 ◽  
Author(s):  
Jie Huang ◽  
Chin-Tser Huang
Keyword(s):  
Low Cost ◽  
Mutual Authentication ◽  
Mobile Station ◽  
Base Station ◽  
Authentication Protocols ◽  
Current Standard ◽  
Replay Attack ◽  
Wimax Networks ◽  
Main Challenge ◽  
Formal Tool

Mobile multihop relay (MMR) WiMAX networks have attracted lots of interest in the wireless communication industry recently because of its scalable coverage, improved data rates, and relatively low cost. However, security of MMR WiMAX networks is the main challenge to be addressed. In this paper, we first identify several possible attacks on MMR WiMAX networks in which a rogue base station (BS) or relay station (RS) can get authenticated and gain control over the connections and show that the current standard does not address this problem well. We then propose a set of new authentication protocols for protecting MMR WiMAX networks from rogue BS attack, rogue RS attack, and suppress-replay attack. Our protocols can provide centralized authentication by using a trusted authentication server to support mutual authentication between RS and BS, between RS and RS, and between mobile station (MS) and RS. Moreover, our protocols can also provide distributed authentication with a license issued by the trusted server. We use a formal tool called Scyther to analyze and verify the security properties of our protocols. The results show that our protocols can counter rogue BS and RS attacks and suppress-replay attack and are not susceptible to any known attacks.

Sign in / Sign up

Export Citation Format

Share Document