Ultra-lightweight Authentication

In this chapter we provide a critical look at the state of the art in ultra-lightweight authentication protocols. We start by outlining the features of the current ubiquitous and pervasive computing environment that have motivated the development of the ultra-lightweight paradigm which uses only basic arithmetic and logical operations. We emphasize its goals and its main challenges. Then, we focus our attention on the authentication problem. We use an abstract framework for modeling the protocols proposed over the years, in order to discuss their design strategies and the security and privacy properties they aim to achieve. After that, we survey the weaknesses and the common pitfalls in both the design and the analysis of ultra-lightweight authentication protocols. Finally, we conclude the chapter by discussing some fundamental ideas and research directions.

[1]  Matthew J. B. Robshaw,et al.  An Active Attack Against HB +-A Provably Secure Lightweight Authentication Protocol , 2022 .

[2]  Yannick Seurin,et al.  Good Variants of HB+ Are Hard to Find , 2008, Financial Cryptography.

[3]  Jian Su,et al.  SLAP: Succinct and Lightweight Authentication Protocol for low-cost RFID system , 2018, Wirel. Networks.

[4]  Juan E. Tapiador,et al.  Weaknesses in Two Recent Lightweight RFID Authentication Protocols , 2009, Inscrypt.

[5]  Bruce Schneier,et al.  Mod n Cryptanalysis, with Applications Against RC5P and M6 , 1999, FSE.

[6]  Frederik Armknecht,et al.  Lightweight Authentication Protocols on Ultra-Constrained RFIDs - Myths and Facts , 2014, RFIDSec.

[7]  Yannick Seurin,et al.  HB#: Increasing the Security and Efficiency of HB+ , 2008, EUROCRYPT.

[8]  Manuel Blum,et al.  Secure Human Identification Protocols , 2001, ASIACRYPT.

[9]  Zhan Yiju,et al.  A Minimalist Mutual Authentication Protocol for RFID System & BAN Logic Analysis , 2008, 2008 ISECS International Colloquium on Computing, Communication, Control, and Management.

[10]  Adi Shamir SQUASH - A New MAC with Provable Security Properties for Highly Constrained Devices Such as RFID Tags , 2008, FSE.

[11]  Shahzad Sarwar,et al.  A New Ultralightweight RFID Authentication Protocol for Passive Low Cost Tags: KMAP , 2017, Wirel. Pers. Commun..

[12]  Elaine B. Barker,et al.  A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications , 2000 .

[13]  Xavier Carpent RFID authentication and time-memory trade-offs , 2015 .

[14]  Raphael C.-W. Phan,et al.  Cryptanalysis of a New Ultralightweight RFID Authentication Protocol—SASI , 2009, IEEE Transactions on Dependable and Secure Computing.

[15]  Juan E. Tapiador,et al.  Cryptanalysis of the David-Prasad RFID Ultralightweight Authentication Protocol , 2010, RFIDSec.

[16]  Ronald L. Rivest,et al.  The RC5 Encryption Algorithm , 1994, FSE.

[17]  Guido Bertoni,et al.  Keccak sponge function family main document , 2009 .

[18]  Serge Vaudenay,et al.  On the Security of HB# against a Man-in-the-Middle Attack , 2008, ASIACRYPT.

[19]  Yun Tian,et al.  A New Ultralightweight RFID Authentication Protocol with Permutation , 2012, IEEE Communications Letters.

[20]  Willi Meier,et al.  Quark: A Lightweight Hash , 2010, Journal of Cryptology.

[21]  Thomas Peyrin,et al.  The PHOTON Family of Lightweight Hash Functions , 2011, IACR Cryptol. ePrint Arch..

[22]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[23]  Gildas Avoine,et al.  Strong Authentication and Strong Integrity (SASI) Is Not That Strong , 2010, RFIDSec.

[24]  Hung-Yu Chien,et al.  SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity , 2007, IEEE Transactions on Dependable and Secure Computing.

[25]  Juan E. Tapiador,et al.  EMAP: An Efficient Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, OTM Workshops.

[26]  Samuel Neves,et al.  BLAKE2: Simpler, Smaller, Fast as MD5 , 2013, ACNS.

[27]  Serge Vaudenay,et al.  Smashing SQUASH-0 , 2009, EUROCRYPT.

[28]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[29]  Julio Hernandez-Castro,et al.  Pitfalls in Ultralightweight Authentication Protocol Designs , 2016, IEEE Transactions on Mobile Computing.

[30]  Juan E. Tapiador,et al.  M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.

[31]  Juan E. Tapiador,et al.  Advances in Ultralightweight Cryptography for Low-Cost RFID Tags: Gossamer Protocol , 2009, WISA.

[32]  Paolo D'Arco,et al.  Design Weaknesses in Recent Ultralightweight RFID Authentication Protocols , 2018, SEC.

[33]  Juan E. Tapiador,et al.  Quasi-Linear Cryptanalysis of a Secure RFID Ultralightweight Authentication Protocol , 2010, Inscrypt.

[34]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[35]  Umar Mujahid,et al.  RCIA: A New Ultralightweight RFID Authentication Protocol Using Recursive Hash , 2015, Int. J. Distributed Sens. Networks.