Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags

Internet of Things (IoT) is an evolving architecture which connects multiple devices to Internet for communication or receiving updates from a cloud or a server. In future, the number of these connected devices will increase immensely making them an indistinguishable part of our daily lives. Although these devices make our lives more comfortable, they also put our personal information at risk. Therefore, security of these devices is also a major concern today. In this paper, we propose an ultra-lightweight mutual authentication protocol which uses only bitwise operation and thus is very efficient in terms of storage and communication cost. In addition, the computation overhead is very low. We have also compared our proposed work with the existing ones which verifies the strength of our protocol, as obtained results are promising. A brief cryptanalysis of our protocol that ensures untraceability is also presented.

[1]  Jin Wang,et al.  A Variable Threshold-Value Authentication Architecture for Wireless Mesh Networks , 2014 .

[2]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[3]  Pedro Peris-López,et al.  LMAP : A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags , 2006 .

[4]  Laurence T. Yang,et al.  The Internet of Things: From RFID to the Next-Generation Pervasive Networked Systems , 2008 .

[5]  Kevin Ashton,et al.  That ‘Internet of Things’ Thing , 1999 .

[6]  Hung-Yu Chien,et al.  SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity , 2007, IEEE Transactions on Dependable and Secure Computing.

[7]  Dongho Won,et al.  Challenge-Response Based RFID Authentication Protocol for Distributed Database Environment , 2005, SPC.

[8]  Yun Tian,et al.  A New Ultralightweight RFID Authentication Protocol with Permutation , 2012, IEEE Communications Letters.

[9]  Ari Juels,et al.  RFID security and privacy: a research survey , 2006, IEEE Journal on Selected Areas in Communications.

[10]  David A. Wagner,et al.  Privacy and security in library RFID: issues, practices, and architectures , 2004, CCS '04.

[11]  Christopher J. Edwards Taggin along [Communications Radio-Frequency ID] , 2014 .

[12]  Kostas E. Psannis,et al.  Efficient redundant frames encoding algorithm for streaming video over error prone wireless channels , 2009, IEICE Electron. Express.

[13]  Ronald L. Rivest,et al.  Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems , 2003, SPC.

[14]  Kostas E. Psannis,et al.  HEVC in wireless environments , 2016, Journal of Real-Time Image Processing.

[15]  Yuxiang Wang,et al.  Construction of Tree Network with Limited Delivery Latency in Homogeneous Wireless Sensor Networks , 2014, Wirel. Pers. Commun..

[16]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[17]  Antonio Iera,et al.  The Internet of Things: A survey , 2010, Comput. Networks.

[18]  Emin Anarim,et al.  Security analysis of an ultra-lightweight RFID authentication protocol - SLMAP , 2012, Secur. Commun. Networks.

[19]  Kostas E. Psannis,et al.  Recent advances delivered by Mobile Cloud Computing and Internet of Things for Big Data applications: a survey , 2017, Int. J. Netw. Manag..

[20]  Juan E. Tapiador,et al.  EMAP: An Efficient Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, OTM Workshops.

[21]  Raphael C.-W. Phan,et al.  Privacy of Recent RFID Authentication Protocols , 2008, ISPEC.

[22]  Bruce Schneier,et al.  Cryptanalytic Attacks on Pseudorandom Number Generators , 1998, FSE.

[23]  Benjamin K. S. Khoo,et al.  RFID as an Enabler of the Internet of Things: Issues of Security and Privacy , 2011, 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing.

[24]  Srinivas Sampalli,et al.  Technique for preventing DoS attacks on RFID systems , 2010, SoftCOM 2010, 18th International Conference on Software, Telecommunications and Computer Networks.

[25]  Juan E. Tapiador,et al.  M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.

[26]  Raphael C.-W. Phan,et al.  Traceable Privacy of Recent Provably-Secure RFID Protocols , 2008, ACNS.

[27]  Ivan Stojmenovic,et al.  RFID Systems: Research Trends and Challenges , 2011 .

[28]  Huansheng Ning,et al.  Future Internet of Things Architecture: Like Mankind Neural System or Social Organization Framework? , 2011, IEEE Communications Letters.

[29]  Alessandro Bassi,et al.  From today's INTRAnet of things to a future INTERnet of things: a wireless- and mobility-related view , 2010, IEEE Wireless Communications.

[30]  Angelo Sifaleras,et al.  Convergence of Internet of things and mobile cloud computing , 2014 .

[31]  Raphael C.-W. Phan,et al.  Cryptanalysis of a New Ultralightweight RFID Authentication Protocol—SASI , 2009, IEEE Transactions on Dependable and Secure Computing.

[32]  Leilani Battle,et al.  Building the Internet of Things Using Rfid , 2009 .

[33]  Ari Juels,et al.  Defining Strong Privacy for RFID , 2007, PerCom Workshops.

[34]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[35]  Juan E. Tapiador,et al.  Advances in Ultralightweight Cryptography for Low-Cost RFID Tags: Gossamer Protocol , 2009, WISA.

[36]  Rodrigo Roman,et al.  Securing the Internet of Things , 2017, Smart Cards, Tokens, Security and Applications, 2nd Ed..

[37]  Juan E. Tapiador,et al.  Cryptanalysis of the SASI Ultralightweight RFID Authentication Protocol with Modular Rotations , 2008, ArXiv.