Game-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags

Authors

  • B. Abdolmaleki MSc Student, Department of Electrical Engineering, Shahed University, Tehran, Iran
  • K. Baghery MSc Student, Department of Electrical Engineering, Shahed University, Tehran, Iran
  • M. J. Emadi Assistant Professor, Department of Electrical Engineering, Amirkabir University of Technology, Tehran, Iran
Abstract:

The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and the privacy of a new RFID authentication protocol proposed by Shi et al. in 2014. We prove that although Shi et al. have tried to present a secure and untraceable authentication protocol, their protocol still suffers from several security and privacy weaknesses which make it vulnerable to various security and privacy attacks. We present our privacy analysis based on a well-known formal privacy model which is presented by Ouafi and Phan in 2008. Moreover, to stop such attacks on the protocol and increase the performance of Shi et al.’s scheme, we present some modifications and propound an improved version of the protocol. Finally, the security and the privacy of the proposed protocol were analyzed against various attacks. 

Upgrade to premium to download articles

Sign up to access the full text

Already have an account?login

similar resources

Lightweight CRC-based Message Authentication

Low-cost resource-constrained devices can allocate very limited resources for implementing security. At the same time, they still require some level of protection. In this paper, we present a lightweight message authentication scheme based on Cyclic Redundancy Check (CRC). The presented CRC inherits the implementation simplicity of the conventional CRC checksum except that the LFSR implementing...

full text

GSLHA: Group-based Secure Lightweight Handover Authentication Protocol for M2M Communication

Machine to machine (M2M) communication, which is also known as machine type communication (MTC), is one of the most fascinating parts of mobile communication technology and also an important practical application of the Internet of Things. The main objective of this type of communication, is handling massive heterogeneous devices with low network overheads and high security guarantees. Hence, v...

full text

A TESLA-based mutual authentication protocol for GSM networks

The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated by the network. This creates many security problems including vulnerability against m...

full text

A Lightweight Authentication Protocol Based on Partial Identifier for EPCglobal Class-1 Gen-2 Tags

RFID is a key technology that can be used to create the pervasive society. The tag is an important part of the RFID system and most popular tags are some low-cost passive tags. These tags have limited computing and storing resources, and no more attentions are paid to their security and privacy. So the application of these tags is not secure. Lightweight authentication protocols are considered ...

full text

Cryptanalysis of a Lightweight RFID Authentication Protocol - LRMAP

In this paper, we present an efficient attack against the traceability of the LRMAP, a recently proposed lightweight RFID mutual authentication protocol. The attack benefits from the variance in elapsed time of the reader responses corresponding to the different tag states. We show that LRMAP does not provide untraceability, which is one of its design objectives.

full text

My Resources

Save resource for easier access later

Save to my library Already added to my library

{@ msg_add @}


Journal title

volume 46  issue 1

pages  27- 36

publication date 2014-04-01

By following a journal you will be notified via email when a new issue of this journal is published.

Hosted on Doprax cloud platform doprax.com

copyright © 2015-2023