HMAC-Based Authentication Protocol: Attacks and Improvements

Authors

  • Behzad Abdolmaleki M.Sc. Student, Information Systems and Security Laboratory (ISSL), Sharif University of Technology
  • Karim Baghery M.Sc. Student, Information Systems and Security Laboratory (ISSL), Sharif University of Technology
  • Mohammad javad Emadi Assistant Professor, Department of Electrical Engineering, Amirkabir University of Technology
Abstract:

As a response to a growing interest in RFID systems such as Internet of Things technology along with satisfying the security of these networks, proposing secure authentication protocols are indispensable part of the system design. Hence, authentication protocols to increase security and privacy in RFID applications have gained much attention in the literature. In this study, security and privacy of the recent well-known HMAC-based RFID mutual authentication protocol, is analyzed. We prove that this protocol is not secure against various attacks and also does not provide untraceability. Also, in order to improve the performance of the mentioned protocol and enhance the security of RFID users, a more effective and secure authentication HMAC-based protocol is presented. Furthermore, security of our protocol is explored against different attacks such as; the replay attack, the tag’s ID exposure, the spoofing attack, DoS attack and traceability attack. It is shown that our proposed protocol is safe against the attacks. Finally, the security of the presented protocol is compared with some well-known related protocols.

Upgrade to premium to download articles

Sign up to access the full text

Already have an account?login

similar resources

hmac-based authentication protocol: attacks and improvements

as a response to a growing interest in rfid systems such as internet of things technology along with satisfying the security of these networks, proposing secure authentication protocols are indispensable part of the system design. hence, authentication protocols to increase security and privacy in rfid applications have gained much attention in the literature. in this study, security and privac...

full text

HMAC Based Secure Authentication of VANET's

The Vehicular Ad-hoc Network (VANET) has been studied in many fields since it has the ability to provide a variety of services, such as detecting oncoming collisions and providing warning signals to alert the driver. The services provided by VANET are often based on collaboration among vehicles that are equipped with relatively simple motion sensors and GPS units. Awareness of its precise locat...

full text

Hash-Based Password Authentication Protocol Against Phishing and Pharming Attacks

Until now, although many researchers proposed a variety of authentication protocol to verify the identity of the clients, most of these protocols are inefficient and ineffective. Gouda et al. proposed an anti-phishing single password protocol, but it is vulnerable to pharming attacks. In this paper, we show that the protocol is insecure, and propose a hash-based password authentication protocol...

full text

SRMAP and ISLAP Authentication Protocols: Attacks and Improvements

RFID technology is a system which uses radio frequency to transmit data. Data transmission between Tags and Readers is wireless which can be easily eavesdropped by adversary. Due to security and privacy reasons, various authentication protocols proposed. In this paper, we cryptanalyze two different RFID authentication protocols and it is shown that either of them have some weaknesses. In 2014, ...

full text

Improvements to Mitchell's Remote User Authentication Protocol

A provably secure protocol for remote authentication is presented. Only public information is stored at the verifying host that makes our scheme resistant to server compromise. We use one time signatures coupled with offline transcripts for synchronization. Due to sole usage of fast cryptographic hash functions, our method is appropriate for low cost user authentication. Our construction improv...

full text

Improvements over Extended LMAP+: RFID Authentication Protocol

Radio Frequency Identification (RFID) systems are increasingly being deployed in a variety of applications. In this paper, we propose a light weight mutual authentication protocol which is an improvement over extended LMAP+ protocol. In mutual authentication, the tag and the reader of the RFID systems will authenticate each other before transmitting unique ID of tag. The proposed protocol provi...

full text

My Resources

Save resource for easier access later

Save to my library Already added to my library

{@ msg_add @}


Journal title

volume 48  issue 2

pages  71- 80

publication date 2016-11-21

{@ msg @}

By following a journal you will be notified via email when a new issue of this journal is published.

Keywords

Hosted on Doprax cloud platform doprax.com

copyright © 2015-2023