2,424 research outputs found
A New Ultra-lightweight RFID Authentication Protocol using Merge and Separation Operations
Abstract Since Low-cost RFID tags have very limited hardware resources, it is difficult to implement an authentication protocol which uses heavy operations such as modern ciphers or hash functions. It has been presented some ultra-lightweight RFID authentication protocols for low-cost RFID tags by using very light operations. Recently, Jeon and Yoon proposed a new ultra-lightweight RFID authentication protocol. They defined and used the merge and separation operations. The merge operation can merge the bits from two bit strings and the separation operation is an inverse operation of the merge operation. However, we found that the protocol cannot serve correctly when the collision of tag pseudonyms is occurred. In this paper, we propose an improved authentication protocol that solves the problem. We show that the proposed protocol can resist various security attacks and is efficient enough to implement low-cost RFID tags
Trusted-HB: a low-cost version of HB+ secure against Man-in-The-Middle attacks
Since the introduction at Crypto'05 by Juels and Weis of the protocol HB+, a
lightweight protocol secure against active attacks but only in a detection
based-model, many works have tried to enhance its security. We propose here a
new approach to achieve resistance against Man-in-The-Middle attacks. Our
requirements - in terms of extra communications and hardware - are surprisingly
low.Comment: submitted to IEEE Transactions on Information Theor
A Fault Analytic Method against HB+
The search for lightweight authentication protocols suitable for low-cost
RFID tags constitutes an active and challenging research area. In this context,
a family of protocols based on the LPN problem has been proposed: the so-called
HB-family. Despite the rich literature regarding the cryptanalysis of these
protocols, there are no published results about the impact of fault analysis
over them. The purpose of this paper is to fill this gap by presenting a fault
analytic method against a prominent member of the HB-family: HB+ protocol. We
demonstrate that the fault analysis model can lead to a flexible and effective
attack against HB-like protocols, posing a serious threat over them
AnonPri: A Secure Anonymous Private Authentication Protocol for RFID Systems
Privacy preservation in RFID systems is a very important issue in modern day world. Privacy activists have been worried about the invasion of user privacy while using various RFID systems and services. Hence, significant efforts have been made to design RFID systems that preserve users\u27 privacy. Majority of the privacy preserving protocols for RFID systems require the reader to search all tags in the system in order to identify a single RFID tag which not efficient for large scale systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags share a number of key components. Another technique is to perform group-based authentication that improves the tradeoff between scalability and privacy by dividing the tags into a number of groups. This novel authentication scheme ensures privacy of the tags. However, the level of privacy provided by the scheme decreases as more and more tags are compromised. To address this issue, in this paper, we propose a group based anonymous private authentication protocol (AnonPri) that provides higher level of privacy than the above mentioned group based scheme and achieves better efficiency (in terms of providing privacy) than the approaches that prompt the reader to perform an exhaustive search. Our protocol guarantees that the adversary cannot link the tag responses even if she can learn the identifier of the tags. Our evaluation results demonstrates that the level of privacy provided by AnonPri is higher than that of the group based authentication technique
AnonPri: A Secure Anonymous Private Authentication Protocol for RFID Systems
Privacy preservation in RFID systems is a very important issue in modern day world. Privacy activists have been worried about the invasion of user privacy while using various RFID systems and services. Hence, significant efforts have been made to design RFID systems that preserve users\u27 privacy. Majority of the privacy preserving protocols for RFID systems require the reader to search all tags in the system in order to identify a single RFID tag which not efficient for large scale systems. In order to achieve high-speed authentication in large-scale RFID systems, researchers propose tree-based approaches, in which any pair of tags share a number of key components. Another technique is to perform group-based authentication that improves the tradeoff between scalability and privacy by dividing the tags into a number of groups. This novel authentication scheme ensures privacy of the tags. However, the level of privacy provided by the scheme decreases as more and more tags are compromised. To address this issue, in this paper, we propose a group based anonymous private authentication protocol (AnonPri) that provides higher level of privacy than the above mentioned group based scheme and achieves better efficiency (in terms of providing privacy) than the approaches that prompt the reader to perform an exhaustive search. Our protocol guarantees that the adversary cannot link the tag responses even if she can learn the identifier of the tags. Our evaluation results demonstrates that the level of privacy provided by AnonPri is higher than that of the group based authentication technique
Efficient and Low-Cost RFID Authentication Schemes
Security in passive resource-constrained Radio Frequency Identification
(RFID) tags is of much interest nowadays. Resistance against illegal tracking,
cloning, timing, and replay attacks are necessary for a secure RFID
authentication scheme. Reader authentication is also necessary to thwart any
illegal attempt to read the tags. With an objective to design a secure and
low-cost RFID authentication protocol, Gene Tsudik proposed a timestamp-based
protocol using symmetric keys, named YA-TRAP*. Although YA-TRAP* achieves its
target security properties, it is susceptible to timing attacks, where the
timestamp to be sent by the reader to the tag can be freely selected by an
adversary. Moreover, in YA-TRAP*, reader authentication is not provided, and a
tag can become inoperative after exceeding its pre-stored threshold timestamp
value. In this paper, we propose two mutual RFID authentication protocols that
aim to improve YA-TRAP* by preventing timing attack, and by providing reader
authentication. Also, a tag is allowed to refresh its pre-stored threshold
value in our protocols, so that it does not become inoperative after exceeding
the threshold. Our protocols also achieve other security properties like
forward security, resistance against cloning, replay, and tracking attacks.
Moreover, the computation and communication costs are kept as low as possible
for the tags. It is important to keep the communication cost as low as possible
when many tags are authenticated in batch-mode. By introducing aggregate
function for the reader-to-server communication, the communication cost is
reduced. We also discuss different possible applications of our protocols. Our
protocols thus capture more security properties and more efficiency than
YA-TRAP*. Finally, we show that our protocols can be implemented using the
current standard low-cost RFID infrastructures.Comment: 21 pages, Journal of Wireless Mobile Networks, Ubiquitous Computing,
and Dependable Applications (JoWUA), Vol 2, No 3, pp. 4-25, 201
- …