Lightweight RFID mutual authentication protocol against feasible problems
Pages 69 - 77
Abstract
The wide deployment of RFID systems has raised many concerns about the security and privacy. Many RFID authentication protocols are proposed for these low-cost RFID tags. However, most of existing RFID authentication protocols suffer from some feasible problems. In this paper, we first discuss the feasible problems that exist in some RFID authentication protocols. Then we propose a lightweight RFID mutual authentication protocol against these feasible problems. To the best of our knowledge, it is the first scalable RFID authentication protocol that based on the SQUASH scheme. The new protocol is lightweight and can provide the forward security. In every authentication session, the tag produces the random number and the response is fresh. It also prevents the asynchronization between the reader and the tag. Additionally, the new protocol is secure against such attacks as replay attack, denial of service attack, man-in-the-middle attack and so on. We also show that it requires less cost of computation and storage than other similar protocols.
References
[1]
Juels, A.: RFID security and privacy: A research survey. IEEE Journal on Selected Areas in Communications 24(2), 381-394 (2006).
[2]
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: M2AP: A Minimalist Mutual-authentication Protocol for Low-cost RFID Tags. In: Ma, J., Jin, H., Yang, L.T., Tsai, J.J.-P. (eds.) UIC 2006. LNCS, vol. 4159, pp. 912-923. Springer, Heidelberg (2006).
[3]
Lehtonen, M., Staake, T., Michahelles, F.: From identification to authentication-a review of RFID product authentication techniques. In: Networked RFID Systems and Lightweight Cryptography, pp. 169-187 (2008).
[4]
Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic Approaches for Improving Security and Privacy Issues of RFID Systems. Wiley Online Library (2010).
[5]
Ohkubo, M., Suzuki, K., Kinoshita, S.: Cryptographic approach to "privacy-friendly" tags. In: RFID Privacy Workshop. MIT, MA (2003).
[6]
Molnar, D., Wagner, D.: Privacy and security in library RFID: Issues, practices, and architectures. In: Pfitzmann, B., Liu, P. (eds.) Conference on Computer and Communications Security - ACM CCS, pp. 210-219. ACM Press, Washington, DC (2004).
[7]
Dimitriou, T.: A lightweight RFID protocol to protect against traceability and cloning attacks. In: First International Conference on Security and Privacy for Emerging Areas in Communications Networks, pp. 59-66 (2005).
[8]
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: LMAP: A real lightweight mutual authentication protocol for low-cost RFID tags. In: Proceedings of 2nd Workshop on RFID Security (2006).
[9]
Li, T., Wang, G.: Security analysis of two ultra-lightweight RFID authentication protocols. In: New Approaches for Security, Privacy and Trust in Complex Environments, pp. 109-120 (2007).
[10]
Chien, H.-Y., Chen, C.-H.: Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards. Computer Standards & Interfaces 29(2), 254-259 (2007).
[11]
Berbain, C., Billet, O., Etrog, J., Gilbert, H.: An efficient forward private RFID protocol. In: Proceedings of the 16th ACM Conference on Computer and Communications Security, pp. 43-53. ACM Press (2009).
[12]
Ma, C., Li, Y., Deng, R.H., Li, T.: RFID privacy: relation between two notions, minimal condition, and efficient construction. In: Proceedings of the 16th ACM Conference on Computer and Communications Security. ACM Press, New York (2009).
[13]
Juels, A.: Minimalist Cryptography for Low-Cost RFID Tags. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 149-164. Springer, Heidelberg (2005).
[14]
Shamir, A.: SQUASH - A New MAC with Provable Security Properties for Highly Constrained Devices such as RFID Tags. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 144-157. Springer, Heidelberg (2008).
[15]
Duc, D.N., Park, J., Lee, H., Kim, K.: Enhancing security of EPCglobal Gen-2 RFID tag against traceability and cloning. In: Symposium on Cryptography and Information Security, Hiroshima, Japan (2006).
[16]
Langheinrich, M.: A survey of RFID privacy approaches. Personal and Ubiquitous Computing 13(6), 413-421 (2009).
[17]
Koshy, P., Valentin, J., Zhang, X.: Implementation and performance testing of the SQUASH RFID authentication protocol. In: Applications and Technology Conference (LISAT), 2010 Long Island Systems. IEEE Press, New York (2010).
[18]
Gosset, F., Standaert, F.X., Quisquater, J.J.: FPGA implementation of SQUASH. In: Proceedings of the 29th Symposium on Information Theory in the Benelux (2008).
Recommendations
Lightweight RFID Mutual Authentication Protocol against Feasible Problems
Information and Communications SecurityAbstractThe wide deployment of RFID systems has raised many concerns about the security and privacy. Many RFID authentication protocols are proposed for these low-cost RFID tags. However, most of existing RFID authentication protocols suffer from some ...
An attack on an RFID authentication protocol conforming to EPC class 1 generation 2 standard
ICHIT'11: Proceedings of the 5th international conference on Convergence and hybrid information technologyRadio Frequency Identification (RFID) is taking place of barcodes in our lives, thanks to its remote identification capability. However, being transmitted via radio waves, the information is exposed to many possible attacks, which may endanger the ...
A Novel Anonymous RFID Authentication Protocol Providing Strong Privacy and Security
MINES '10: Proceedings of the 2010 International Conference on Multimedia Information Networking and SecurityAs the radio frequency identification (RFID) technology continues to evolve and mature, RFID tags can be implemented in a wide range of applications. Due to the shared wireless medium between the RFID reader and the RFID tag, however, adversaries can ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Sponsors
- NSF of China: National Natural Science Foundation of China
- Microsoft Corp.
- TCG: Trusted Computing Group
- Beijing Tip Technology Corporation: Beijing Tip Technology Corporation
In-Cooperation
- ICISA: International Communications and Information Security Association
Publisher
Springer-Verlag
Berlin, Heidelberg
Publication History
Published: 23 November 2011
Author Tags
Qualifiers
- Article
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 29 Nov 2024