scholarly journals IoT Device Security: Challenging “A Lightweight RFID Mutual Authentication Protocol Based on Physical Unclonable Function”

Sensors ◽  
2018 ◽  
Vol 18 (12) ◽  
pp. 4444 ◽  
Author(s):  
Ygal Bendavid ◽  
Nasour Bagheri ◽  
Masoumeh Safkhani ◽  
Samad Rostampour
Keyword(s):  
Radio Frequency Identification ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Authentication Protocol ◽  
Security Protocol ◽  
Physical Unclonable Function ◽  
Security Risks ◽  
Processing Power ◽  
Frequency Identification ◽  
Mutual Authentication Protocol

With the exponential increase of Internet of things (IoT) connected devices, important security risks are raised as any device could be used as an attack channel. This preoccupation is particularly important with devices featuring limited processing power and memory capabilities for security purposes. In line with this idea, Xu et al. (2018) proposed a lightweight Radio Frequency Identification (RFID) mutual authentication protocol based on Physical Unclonable Function (PUF)—ensuring mutual tag-reader verification and preventing clone attacks. While Xu et al. claim that their security protocol is efficient to protect RFID systems, we found it still vulnerable to a desynchronization attack and to a secret disclosure attack. Hence, guidelines for the improvements to the protocol are also suggested, for instance by changing the structure of the messages to avoid trivial attacks. In addition, we provide an explicit protocol for which our formal and informal security analysis have found no weaknesses.

scholarly journals Cryptanalysis of ultralightweight mutual authentication protocol for radio frequency identification enabled Internet of Things networks

2018 ◽  
Vol 14 (8) ◽  
pp. 155014771879512 ◽  
Author(s):  
Madiha Khalid ◽  
Umar Mujahid ◽  
Muhammad Najam-ul-Islam
Keyword(s):  
Internet Of Things ◽  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Wireless Channel ◽  
Frequency Identification ◽  
Mutual Authentication Protocol ◽  
Attack Models ◽  
Internet Of Thing

Internet of Things is one of the most important components of modern technological systems. It allows the real time synchronization and connectivity of devices with each other and with the rest of the world. The radio frequency identification system is used as node identification mechanism in the Internet of Thing networks. Since Internet of Things involve wireless channel for communication that is open for all types of malicious adversaries, therefore many security protocols have been proposed to ensure encryption over wireless channel. To reduce the overall cost of radio frequency identification enabled Internet of Thing network security, the researchers use simple bitwise logical operations such as XOR, AND, OR, and Rot and have proposed many ultralightweight mutual authentication protocols. However, almost all the previously proposed protocols were later found to be vulnerable against several attack models. Recently, a new ultralightweight mutual authentication protocol has been proposed which involves only XOR and Rotation functions in its design and claimed to be robust against all possible attack models. In this article, we have performed cryptanalysis of this recently proposed ultralightweight mutual authentication protocol and found many pitfalls and vulnerabilities in the protocol design. We have exploited weak structure of the protocol messages and proposed three attacks against the said protocol: one desynchronization and two full disclosure attacks.

scholarly journals RFID Mutual Authentication Protocols based on Gene Mutation and Transfer

2013 ◽  
Vol 9 (1) ◽  
pp. 44 ◽  
Author(s):  
Raghav V. Sampangi ◽  
Srinivas Sampalli
Keyword(s):  
Gene Mutation ◽  
Radio Frequency Identification ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Key Exchange ◽  
Rfid Tags ◽  
Simulation Studies ◽  
Frequency Identification ◽  
Dynamic Updates ◽  
Mutual Authentication Protocol

Radio Frequency Identification (RFID) is a technology that is very popular due to the simplicity in its technology and high adaptability in a variety of areas. The simplicity in the technology, however, comes with a caveat – RFID tags have severe resource restrictions, which make them vulnerable to a range of security attacks. Such vulnerability often results in the loss of privacy of the tag owner and other attacks on tags. Previous research in RFID security has mainly focused on authenticating entities such as readers / servers, which communicate with the tag. Any security mechanism is only as strong as the encryption keys used. Since RFID communication is wireless, critical messages such as key exchange messages are vulnerable to attacks. Therefore, we present a mutual authentication protocol that relies on independent generation and dynamic updates of encryption keys thereby removing the need for key exchange, which is based on the concept of gene mutation and transfer. We also present an enhanced version of this protocol, which improves the security offered by the first protocol. The novelty of the proposed protocols is in the independent generation, dynamic and continuous updates of encryption keys and the use of the concept of gene mutation / transfer to offer mutual authentication of the communicating entities. The proposed protocols are validated by simulation studies and security analysis.

A Mutual Authentication Protocol with Resynchronisation Capability for Mobile Satellite Communications

2013 ◽  
pp. 35-51
Author(s):  
Ioana Lasc ◽  
Reiner Dojen ◽  
Tom Coffey
Keyword(s):  
Denial Of Service ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Service Condition ◽  
Satellite Communications ◽  
Authentication Protocol ◽  
Security Protocol ◽  
New Type ◽  
Mobile Satellite ◽  
Mutual Authentication Protocol

Many peer-to-peer security protocols proposed for wireless communications use one-time shared secrets for authentication purposes. This paper analyses online update mechanisms for one-time shared secrets. A new type of attack against update mechanisms, called desynchronisation attack, is introduced. This type of attack may lead to a permanent denial of service condition. A case study demonstrates the effectiveness of desynchronisation attacks against a security protocol for mobile satellite communications. A new mutual authentication protocol for satellite communications, incorporating a resynchronisation capability, is proposed to counter the disruptive effects of desynchronisation attacks. The new protocol has an esynchronisation phase that is initiated whenever desynchronisation is suspected. Thus, the possibility of causing permanent denial of service conditions by mounting desynchronisation attacks is eliminated. A security analysis of the proposed protocol establishes its resistance against attacks like replay attacks, dictionary attacks, and desynchronisation attacks.

scholarly journals A Lightweight RFID Mutual Authentication Protocol with PUF

Sensors ◽  
2019 ◽  
Vol 19 (13) ◽  
pp. 2957 ◽  
Author(s):  
Feng Zhu ◽  
Peng Li ◽  
He Xu ◽  
Ruchuan Wang
Keyword(s):  
Radio Frequency ◽  
Radio Frequency Identification ◽  
Large Scale ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Security And Privacy ◽  
Great Loss ◽  
Physically Unclonable Functions ◽  
Frequency Identification ◽  
Mutual Authentication Protocol

Radio frequency identification is one of the key techniques for Internet of Things, which has been widely adopted in many applications for identification. However, there exist various security and privacy issues in radio frequency identification (RFID) systems. Particularly, one of the most serious threats is to clone tags for the goal of counterfeiting goods, which causes great loss and danger to customers. To solve these issues, lots of authentication protocols are proposed based on physical unclonable functions that can ensure an anti-counterfeiting feature. However, most of the existing schemes require secret parameters to be stored in tags, which are vulnerable to physical attacks that can further lead to the breach of forward secrecy. Furthermore, as far as we know, none of the existing schemes are able to solve the security and privacy problems with good scalability. Since many existing schemes rely on exhaustive searches of the backend server to validate a tag and they are not scalable for applications with a large scale database. Hence, in this paper, we propose a lightweight RFID mutual authentication protocol with physically unclonable functions (PUFs). The performance analysis shows that our proposed scheme can ensure security and privacy efficiently in a scalable way.

RFID Mutual Authentication Protocol Based on Chaos Key

2013 ◽  
Vol 846-847 ◽  
pp. 1519-1523
Author(s):  
Nan Zhang ◽  
Jian Hua Zhang ◽  
Jun Yang
Keyword(s):  
Radio Frequency Identification ◽  
Low Cost ◽  
Mutual Authentication ◽  
Authentication Protocol ◽  
Secret Key ◽  
Security Issues ◽  
Hash Algorithm ◽  
Frequency Identification ◽  
Chaos Sequences ◽  
Mutual Authentication Protocol

While radio frequency identification (RFID) is evolving as a major technology enabler for identifying and tracking goods and assets around the world, its security issues are also increasingly exposed. A Hash-based RFID mutual authentication protocol was put forward. The key was joined into the hash algorithm, and chaos sequences were used to update the key. The protocol enhances the security of the RFID system with low cost. Experiments show that the chaos system has the character of initial value sensitivity, which can be used to distribute and update the secret key. Safety analysis show that the mutual authentication protocol can solve security issues including eavesdropping, illegal access, masquerade, spoofing attack, position tracking.

A Mutual Authentication Protocol with Resynchronisation Capability for Mobile Satellite Communications

2011 ◽  
Vol 5 (1) ◽  
pp. 33-49 ◽  
Author(s):  
Ioana Lasc ◽  
Reiner Dojen ◽  
Tom Coffey
Keyword(s):  
Denial Of Service ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Service Condition ◽  
Satellite Communications ◽  
Authentication Protocol ◽  
Security Protocol ◽  
New Type ◽  
Mobile Satellite ◽  
Mutual Authentication Protocol

Many peer-to-peer security protocols proposed for wireless communications use one-time shared secrets for authentication purposes. This paper analyses online update mechanisms for one-time shared secrets. A new type of attack against update mechanisms, called desynchronisation attack, is introduced. This type of attack may lead to a permanent denial of service condition. A case study demonstrates the effectiveness of desynchronisation attacks against a security protocol for mobile satellite communications. A new mutual authentication protocol for satellite communications, incorporating a resynchronisation capability, is proposed to counter the disruptive effects of desynchronisation attacks. The new protocol has an esynchronisation phase that is initiated whenever desynchronisation is suspected. Thus, the possibility of causing permanent denial of service conditions by mounting desynchronisation attacks is eliminated. A security analysis of the proposed protocol establishes its resistance against attacks like replay attacks, dictionary attacks, and desynchronisation attacks.

Lightweight Mutual Authentication Protocol for V2G Using Physical Unclonable Function

2020 ◽  
Vol 69 (7) ◽  
pp. 7234-7246 ◽  
Author(s):  
Gaurang Bansal ◽  
Naren Naren ◽  
Vinay Chamola ◽  
Biplab Sikdar ◽  
Neeraj Kumar ◽  
...  
Keyword(s):  
Mutual Authentication ◽  
Authentication Protocol ◽  
Physical Unclonable Function ◽  
Mutual Authentication Protocol
Sign in / Sign up

Export Citation Format

Share Document