RFID-MA XTEA: Cost-Effective RFID-Mutual Authentication Design using XTEA Security on FPGA Platform

RFID systems are one of the essential technologies and used many diverse applications. The security and privacy are the primary concern in RFID systems which are overcome by using suitable authentication protocols. In this manuscript, the cost-effective RFID-Mutual Authentication (MA) using a lightweight Extended Tiny encryption algorithm (XTEA) is designed to overcome the security and privacy issues on Hardware Platform. The proposed design provides two levels of security, which includes secured Tag identification and mutual authentication.  The RFID-MA mainly has Reader and Tag along with the backend Server. It establishes the secured authentication between Tag and Reader using XTEA. The XTEA with Cipher block chaining (CBC) is incorporated in RFID for secured MA purposes. The authentication process completed based on the challenge and response between Reader and Tag using XTEA-CBC. The present work is designed using Verilog-HDL on the Xilinx environment and implemented on Artix-7 FPGA.  The simulation and synthesis results discussed with hardware constraints like Area, power, and time. The present work is compared with existing similar approaches with hardware constraints improvements

SRMAP and ISLAP Authentication Protocols: Attacks and Improvements

RFID technology is a system which uses radio frequency to transmit data. Data transmission between Tags and Readers is wireless which can be easily eavesdropped by adversary. Due to security and privacy reasons, various authentication protocols proposed. In this paper, we cryptanalyze two different RFID authentication protocols and it is shown that either of them have some weaknesses. In 2014, Chang et al. proposed a mutual authentication protocol for RFID technology based on EPC Class 1 Generation 2 standard. We show that their protocol is not safe regard to privacy and cannot repulse neither Traceability attack nor Forward Traceability attack. Also, in 2015, Pourpouneh et al. proposed a server-less authentication protocol. We discover that their protocol is not able to thwart security and privacy attacks such as Secret Parameter Reveal, Traceability and Forward Traceability. In addition, we robust the two schemes to defend those attacks which can protect RFID users against different threats. Then, analyzing of the protocols are compared with some state-of-art ones

Cryptanalysis of two mutual authentication protocols for low-cost RFID

Radio Frequency Identification (RFID) is appearing as a favorite technology for automated identification, which can be widely applied to many applications such as e-passport, supply chain management and ticketing. However, researchers have found many security and privacy problems along RFID technology. In recent years, many researchers are interested in RFID authentication protocols and their security flaws. In this paper, we analyze two of the newest RFID authentication protocols which proposed by Fu et al. and Li et al. from several security viewpoints. We present different attacks such as desynchronization attack and privacy analysis over these protocols.Comment: 17 pages, 2 figures, 1 table, International Journal of Distributed and Parallel system

Lightweight Mutual Authentication Protocol for Low Cost RFID Tags

Radio Frequency Identification (RFID) technology one of the most promising technologies in the field of ubiquitous computing. Indeed, RFID technology may well replace barcode technology. Although it offers many advantages over other identification systems, there are also associated security risks that are not easy to be addressed. When designing a real lightweight authentication protocol for low cost RFID tags, a number of challenges arise due to the extremely limited computational, storage and communication abilities of Low-cost RFID tags. This paper proposes a real mutual authentication protocol for low cost RFID tags. The proposed protocol prevents passive attacks as active attacks are discounted when designing a protocol to meet the requirements of low cost RFID tags. However the implementation of the protocol meets the limited abilities of low cost RFID tags.Comment: 11 Pages, IJNS

A Cloud-based RFID Authentication Protocol with Insecure Communication Channels

© 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.Radio Frequency Identification (RFID) has becomea widespread technology to automatically identify objects and withthe development of cloud computing, cloud-based RFID systemsattract more research these days. Several cloud-based RFIDauthentication protocols have been proposed to address privacyand security properties in the environment where the cloudprovider is untrusted therefore the tag’s data are encrypted andanonymously stored in the cloud database. However, most of thecloud-based RFID authentication protocols assume securecommunication channels between the reader and the cloud server.To protect data transmission between the reader and the cloudserver without any help from a third party, this paper proposes acloud-based RFID authentication protocol with insecurecommunication channels (cloud-RAPIC) between the reader and the cloud server. The cloud-RAPIC protocol preserves tag privacyeven when the tag does not update its identification. The cloudRAPIC protocol has been analyzed using the UPriv model andAVISPA verification tool which have proved that the protocolpreserves tag privacy and protects data secrecy

A Survey of RFID Authentication Protocols Based on Hash-Chain Method

Security and privacy are the inherent problems in RFID communications. There are several protocols have been proposed to overcome those problems. Hash chain is commonly employed by the protocols to improve security and privacy for RFID authentication. Although the protocols able to provide specific solution for RFID security and privacy problems, they fail to provide integrated solution. This article is a survey to closely observe those protocols in terms of its focus and limitations.Comment: Third ICCIT 2008 International Conference on Convergence and Hybrid Information Technolog