Security of lightweight mutual authentication protocols

Sensors and IoT (Internet of Things), which include RFID (Radio-Frequency IDentification) tags, have witnessed widespread adoption across a wide variety of application domains over the last two decades. These sensors and IoT devices are often a part of distributed sensor networks. As with any distributed processing scenario, there is a need to ensure that these devices provide required security and privacy to the tagged object as well as its bearer. Cryptography has been used to address the security and privacy aspects of RFID tags. Unlike a majority of other IoT devices, the commonly used passive RFID tags are extremely resource-constrained and therefore can accommodate only lightweight operations. Security and privacy concerns still need to be addressed as they remain significant regardless of implementation details. We evaluate RFID-based lightweight mutual authentication protocols that have been recently proposed and identify vulnerabilities.

[1]  Wei-Chen Wu,et al.  pISRA: privacy considered information security risk assessment model , 2018, The Journal of Supercomputing.

[2]  Jungho Kang,et al.  Lightweight mutual authentication RFID protocol for secure multi-tag simultaneous authentication in ubiquitous environments , 2019, The Journal of Supercomputing.

[3]  Aikaterini Mitrokotsa,et al.  Classifying RFID attacks and defenses , 2010, Inf. Syst. Frontiers.

[4]  Jun-Ho Huh Reefer container monitoring system using PLC-based communication technology for maritime edge computing , 2019, The Journal of Supercomputing.

[5]  Venkatasamy Sureshkumar,et al.  An automatic RFID reader-to-reader delegation protocol for SCM in cloud computing environment , 2018, The Journal of Supercomputing.

[6]  Reza Fotohi,et al.  Multi-level trust-based intelligence schema for securing of internet of things (IoT) against security threats using cryptographic authentication , 2020, The Journal of Supercomputing.

[7]  Jongsung Kim,et al.  A secure ECC-based RFID mutual authentication protocol for internet of things , 2016, The Journal of Supercomputing.

[8]  Gautam Srivastava,et al.  Suspicious activity detection using deep learning in secure assisted living IoT environments , 2020, The Journal of Supercomputing.

[9]  Chien-Ming Chen,et al.  On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags , 2017, The Journal of Supercomputing.

[10]  N. V. Chinnasamy,et al.  Secured distributed routing technique using extended DART and table elimination (ET-DART) technique in wireless sensor networks environment , 2020, The Journal of Supercomputing.

[11]  Yifan Hu,et al.  Research on suboptimal energy balance of non-uniform distributed nodes in WSN , 2018, The Journal of Supercomputing.

[12]  B. B. Gupta,et al.  Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags , 2017, The Journal of Supercomputing.

[13]  Tony Yu-Ju Tu,et al.  On addressing RFID/NFC-based relay attacks: An overview , 2020, Decis. Support Syst..

[14]  Juan Manuel González Nieto,et al.  Detecting relay attacks with timing-based protocols , 2007, ASIACCS '07.

[15]  Raja Krishnamoorthy,et al.  Resource key distribution and allocation based on sensor vehicle nodes for energy harvesting in vehicular ad hoc networks for transport application , 2019, The Journal of Supercomputing.

[16]  Reza Fotohi,et al.  A novel countermeasure technique to protect WSN against denial-of-sleep attacks using firefly and Hopfield neural network (HNN) algorithms , 2020, The Journal of Supercomputing.

[17]  Jong Hyuk Park,et al.  Distributed denial of service attacks and its defenses in IoT: a survey , 2019, The Journal of Supercomputing.

[18]  Yung-Ting Chuang,et al.  TCR: a trustworthy and churn-resilient academic distribution and retrieval system in P2P networks , 2020, The Journal of Supercomputing.