CFP last date
20 January 2025
Reseach Article

Security Flaws in Two Recently Proposed RFID Authentication Protocols

Published on July 2017 by Sonam Devgan Kaul, Amit K. Awasthi
International Conference on Computer Systems and Mathematical Sciences
Foundation of Computer Science USA
ICCSMS2016 - Number 1
July 2017
Authors: Sonam Devgan Kaul, Amit K. Awasthi
dc86f00f-0c4c-4e44-a3dd-b90115a66f57

Sonam Devgan Kaul, Amit K. Awasthi . Security Flaws in Two Recently Proposed RFID Authentication Protocols. International Conference on Computer Systems and Mathematical Sciences. ICCSMS2016, 1 (July 2017), 1-8.

@article{
author = { Sonam Devgan Kaul, Amit K. Awasthi },
title = { Security Flaws in Two Recently Proposed RFID Authentication Protocols },
journal = { International Conference on Computer Systems and Mathematical Sciences },
issue_date = { July 2017 },
volume = { ICCSMS2016 },
number = { 1 },
month = { July },
year = { 2017 },
issn = 0975-8887,
pages = { 1-8 },
numpages = 8,
url = { /proceedings/iccsms2016/number1/28108-1658/ },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Proceeding Article
%1 International Conference on Computer Systems and Mathematical Sciences
%A Sonam Devgan Kaul
%A Amit K. Awasthi
%T Security Flaws in Two Recently Proposed RFID Authentication Protocols
%J International Conference on Computer Systems and Mathematical Sciences
%@ 0975-8887
%V ICCSMS2016
%N 1
%P 1-8
%D 2017
%I International Journal of Computer Applications
Abstract

On the basis of Vaudenay's untraceability model, this paper describes cryptanalyses of recently proposed Zhuang et al. 's ultralightweight RFID authentication protocol for low cost tags R2AP and Dehkordi and Farzaneh's improved hash based RFID mutual authentication protocol. This paper formally demonstrates that R2AP is insecure and does not attain even Narrow Forward privacy level of security. Additionally, R2AP protocol is traceable and suffers from impersonation attack. Also Dehkordi and Farzaneh's proposed protocol is impractical formally as it does not attain even Narrow Forward privacy level of security.

References
  1. S. D. Kaul and A. K. Awasthi, "Rfid authentication protocol to enhance patient medication safety," Journal of medical systems, vol. 37, no. 6, pp. 1–6, 2013.
  2. P. Peris-Lopez, J. C. Hernandez-Castro, J. M. Estevez-Tapiador, and A. Ribagorda, "LMAP : A real lightweight authentication protocol for low cost rfid tags," In Hand of Workshop on RFID and Lightweight Crypto, 2006.
  3. Peris Lopez, Pedro, et al. , "M2AP : A minimalist mutual authentication protocol for low cost rfid tags," In Proc. of UIC'06, Springer Verlag, vol. 4159, pp. 912–923, 2006.
  4. Peris Lopez, Pedro, et al. ,, "EMAP : An efficient mutual authentication protocol for low cost rfid tags," In Proc. of IS'06, Springer Verlag, vol. 4277, pp. 352– 361, 2006.
  5. T. Li and G. Wang, "Security analysis of two ultra-lightweight rfid authentication protocols," in New Approaches for Security, Privacy and Trust in Complex Environments. Springer, 2007, pp. 109–120.
  6. H. Y. Chien, "SAS1: A new ultralightweight rfid authentication protocol providing strong authentication and strong integrity," IEEE Transactions on Dependable and Secure Computing, vol. 4, no. 4, pp. 337–340, Oct-Dec 2007.
  7. R. -W. Phan, "Cryptanalysis of a new ultralightweight rfid authentication protocolsasi," Dependable and Secure Computing, IEEE Transactions on, vol. 6, no. 4, pp. 316–320, 2009.
  8. H. -M. Sun, W. -C. Ting, and K. -H. Wang, "On the security of chien's ultralightweight rfid authentication protocol," IEEE Transactions on Dependable and Secure Computing, no. 2, pp. 315–317, 2009.
  9. P. Peris-Lopez, J. C. Hernandez-Castro, J. M. Estevez-Tapiador, and A. Ribagorda, "Advances in ultralightweight cryptography for low cost rfid tags : Gossamer protocol," In Proc. of WISA'08, Springer Verlag, vol. 5379, pp. 56–68, 2008.
  10. Z. Bilal, A. Masood, and F. Kausar, "Security analysis of ultra-lightweight cryptographic protocol for low-cost rfid tags: Gossamer protocol," in Network-Based Information Systems, 2009. NBIS'09. In-ternational Conference on. IEEE, 2009, pp. 260–267.
  11. L. Kulseng, Z. Yu, Y. Wei, and Y. Guan, "Lightweight mutual authen-tication and ownership transfer for rfid systems," in INFOCOM, 2010 Proceedings IEEE. IEEE, 2010, pp. 1–5.
  12. Y. Yang, J. Gu, C. Lv, Q. Jiang, W. Ma, "Security analysis of Kulseng et al. 's mutual authentication protocol for RFID systems" Information Security, IET, vol. 6, no. 4, pp. 239–248, 2012.
  13. Y. Tian, G. Chen, and J. Li, "A new ultralightweight rfid authentication protocol with permutation," IEEE Communications Letters, vol. 16, no. 5, pp. 702–705, May 2012.
  14. G. Avoine and X. Carpent, "Yet another ultralightweight authentication protocol that is broken," in Radio Frequency Identification. Security and Privacy Issues. Springer, 2013, pp. 20–30.
  15. X. Zhuang, Y. Zhu, and C. -C. Chang, "A new ultralightweight rfid protocol for low-cost tags: R2AP ," Wireless Personal Communications, vol. 79, no. 3, pp. 1787–1802, 2014.
  16. A. Juels and S. A. Weis, "Defining strong privacy for rfid," ACM Transactions on Information and System Security (TISSEC), vol. 13, no. 1, p. 7, 2009.
  17. J. -S. Cho, Y. -S. Jeong, and S. O. Park, "Consideration on the brute-force attack cost and retrieval cost: A hash-based radio-frequency identification (rfid) tag mutual authentication protocol," Computers & Mathematics with Applications, 2012.
  18. M. H. Dehkordi and Y. Farzaneh, "Improvement of the hash-based rfid mutual authentication protocol," Wireless personal communications, vol. 75, no. 1, pp. 219–232, 2014.
  19. S. Vaudenay, "On privacy models for rfid," in Advances in Cryptology– ASIACRYPT 2007. Springer, 2007, pp. 68–87.
Index Terms

Computer Science
Information Sciences

Keywords

Rfid Privacy Authentication Cryptanalysis