Skip to main content
Erschienen in: Wireless Personal Communications 3/2014

01.12.2014

A New Ultralightweight RFID Protocol for Low-Cost Tags: R\(^{2}\)AP

verfasst von: Xu Zhuang, Yan Zhu, Chin-Chen Chang

Erschienen in: Wireless Personal Communications | Ausgabe 3/2014

Einloggen

Aktivieren Sie unsere intelligente Suche um passende Fachinhalte oder Patente zu finden.

search-config
loading …

Abstract

Several ultralightweight radio frequency identification (RFID) authentication protocols have been proposed in recent years. However, all of these protocols are reported later that they are vulnerable to various kinds of attacks (such as replay attack, de-synchronization attack, full disclosure attack, etc.) and/or have user privacy concerns. In this paper, we propose a new ultralightweight RFID protocol named reconstruction based RFID authentication protocol (R\(^{2}\)AP), which is based on the use of a new bitwise operation reconstruction. Operation reconstruction has three important properties: Hamming weight unpredictability, irreversibility and effectiveness. Some or all of these properties are absent in previous protocols and therefore has caused a lot of insecurity issues. The proposed R\(^{2}\)AP takes advantage of reconstruction to guarantee security of RFID system. Furthermore, we improve the Juels–Weis untraceability model so that the extended mathematic model can be used to analyze security functionality for ultralightweight RFID protocols. Our security analysis and performance evaluations demonstrate that (1) R\(^{2}\)AP can withstand all attacks mentioned in the paper and protect users’ privacy; (2) R\(^{2}\)AP is indeed an effective RFID protocol that can be implemented on low-cost tags.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

Fußnoten
1
T-function (Triangular-function) refers to function that the \(i\)th bit of its output only depends on bits \(0,\ldots ,i\)t of its input(s), where the Least Significant Bit is indexed by 0. Obviously, operations exclusive or (XOR), and (AND), addition are T-functions. For formal definition of T-function, please refer to [14].
 
2
Actually, we can classify DoS attack into two groups: one is caused by the instinctive issues in wireless communications, named hard-DoS; the other one is caused by the de-synchronization between a tag and the back-end database, named soft-DOS. In this paper, we only consider the later form of DoS: soft-DoS.
 
Literatur
1.
Zurück zum Zitat Ahmadian, Z., Salmasizadeh, M., & Aref, M. R. (2012). Desynchronization attack on RAPP ultralightweight authentication protocol, Cryptology ePrint Archive, Report 2012/490. Ahmadian, Z., Salmasizadeh, M., & Aref, M. R. (2012). Desynchronization attack on RAPP ultralightweight authentication protocol, Cryptology ePrint Archive, Report 2012/490.
2.
Zurück zum Zitat Ahmadian, Z., Salmasizadeh, M., & Aref, M. R. (2013). Recursive linear and differential cryptanalysis of ultralightweight authentication protocols. IEEE Transactions on Information Forensics and Security, 8, 1140–1151.CrossRef Ahmadian, Z., Salmasizadeh, M., & Aref, M. R. (2013). Recursive linear and differential cryptanalysis of ultralightweight authentication protocols. IEEE Transactions on Information Forensics and Security, 8, 1140–1151.CrossRef
3.
Zurück zum Zitat Alomair, B., Lazos, L., & Poovendran, R. (2007). Passive attacks on a class of authentication protocols for RFID. In K.-H. Nam & G. Rhee (Eds.), International conference on information security and cryptology-ICISC 2007. Seoul, Korea: Lecture notes in computer science. Alomair, B., Lazos, L., & Poovendran, R. (2007). Passive attacks on a class of authentication protocols for RFID. In K.-H. Nam & G. Rhee (Eds.), International conference on information security and cryptology-ICISC 2007. Seoul, Korea: Lecture notes in computer science.
4.
Zurück zum Zitat Avoine, G., Carpent, X., & Martin, B. (2012). Privacy-friendly synchronized ultralightweight authentication protocols in the storm. Journal of Network and Computer Applications, 25, 826–843.CrossRef Avoine, G., Carpent, X., & Martin, B. (2012). Privacy-friendly synchronized ultralightweight authentication protocols in the storm. Journal of Network and Computer Applications, 25, 826–843.CrossRef
5.
Zurück zum Zitat Avoine, G., & Carpent, X. (2012). Yet another ultralightweight authentication protocol that is broken, in pre-proceeding of RFIDsec. Netherlands: Nijmegen. Avoine, G., & Carpent, X. (2012). Yet another ultralightweight authentication protocol that is broken, in pre-proceeding of RFIDsec. Netherlands: Nijmegen.
6.
Zurück zum Zitat Barasz, M., Boros, B., Ligeti, P., Loja, K., & Nagy, D. A. (2007). Breaking LMAP. In: Conference on RFID security, Malaga, Spain. Barasz, M., Boros, B., Ligeti, P., Loja, K., & Nagy, D. A. (2007). Breaking LMAP. In: Conference on RFID security, Malaga, Spain.
7.
Zurück zum Zitat Cao, T., Bertino, E., & Lei, H. (2009). Security analysis of the SASI protocol. IEEE Transactions on Dependable and Secure Computing, 6, 73–77.CrossRef Cao, T., Bertino, E., & Lei, H. (2009). Security analysis of the SASI protocol. IEEE Transactions on Dependable and Secure Computing, 6, 73–77.CrossRef
8.
Zurück zum Zitat Castro, H., Tapiador, M. E., Lopez, P., & Quisquater, J. (2008). Cryptanalysis of the SASI ultralightweight RFID authentication protocol with modular rotations, arXiv preprint arXiv:0811.4257. Castro, H., Tapiador, M. E., Lopez, P., & Quisquater, J. (2008). Cryptanalysis of the SASI ultralightweight RFID authentication protocol with modular rotations, arXiv preprint arXiv:​0811.​4257.
9.
Zurück zum Zitat Chien, H. Y. (2007). SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transaction on Dependable and Secure Computing, 4, 337–340.CrossRef Chien, H. Y. (2007). SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transaction on Dependable and Secure Computing, 4, 337–340.CrossRef
10.
Zurück zum Zitat David, M., & Prasad, N. R. (2009). Providing strong security and high privacy in low-cost RFID networks, In: Proceedings of security and privacy in mobile information and communication systems, MobiSec 2009, Heidelberg. David, M., & Prasad, N. R. (2009). Providing strong security and high privacy in low-cost RFID networks, In: Proceedings of security and privacy in mobile information and communication systems, MobiSec 2009, Heidelberg.
11.
Zurück zum Zitat Eghdamian, A., & Samsudin, A. (2011). A secure protocol for ultralightweight radio frequency identification (RFID) tags. In Information engineering and information science—ICIEIS 2011, Vol. 251 of communication in computer and information science, Kuala Lumpur, Malaysia. Eghdamian, A., & Samsudin, A. (2011). A secure protocol for ultralightweight radio frequency identification (RFID) tags. In Information engineering and information science—ICIEIS 2011, Vol. 251 of communication in computer and information science, Kuala Lumpur, Malaysia.
12.
Zurück zum Zitat Jeon, I., & Yoon, E. (2013). A new ultra-lightweight RFID authentication protocol using merge and separation operations, 7, 2583–2593. Jeon, I., & Yoon, E. (2013). A new ultra-lightweight RFID authentication protocol using merge and separation operations, 7, 2583–2593.
13.
Zurück zum Zitat Juels, A., & Weis, S. A. (March 2007). Defining strong privacy for RFID. In Proceedings of fifth annual ieee international conference pervasive computing and communications, pp. 342–347. Juels, A., & Weis, S. A. (March 2007). Defining strong privacy for RFID. In Proceedings of fifth annual ieee international conference pervasive computing and communications, pp. 342–347.
14.
Zurück zum Zitat Klimov, A., & Shamir, A. (2003). A new class of invertible mappings. In Proceedings of cryptographic hardware and embedded systems, Lecture Notes in Computer Science, Vol. 2523, pp. 470–483. Klimov, A., & Shamir, A. (2003). A new class of invertible mappings. In Proceedings of cryptographic hardware and embedded systems, Lecture Notes in Computer Science, Vol. 2523, pp. 470–483.
15.
Zurück zum Zitat Lee, Y. C., Hsieh, Y. C., You, P. S., & Chen, T. C. (2009). A new ultralightweight RFID protocol with mutual authentication. In Proceedings of the 2009 WASE international conference on information engineering, vol. 1 (pp. 58–61). IEEE Computer Society. Lee, Y. C., Hsieh, Y. C., You, P. S., & Chen, T. C. (2009). A new ultralightweight RFID protocol with mutual authentication. In Proceedings of the 2009 WASE international conference on information engineering, vol. 1 (pp. 58–61). IEEE Computer Society.
16.
Zurück zum Zitat Lee, Y. C. (2012). Two ultralightweight authentication protocols for low-cost RFID tags. Applied Mathematics and Information Sciences, 6, 425–431.MathSciNet Lee, Y. C. (2012). Two ultralightweight authentication protocols for low-cost RFID tags. Applied Mathematics and Information Sciences, 6, 425–431.MathSciNet
17.
Zurück zum Zitat Li, T. & Wang, G. (2007). Security analysis of two ultra-lightweight RFID authentication protocols. In Proceedings of 22nd IFIP TC-11 Int’1 information security conference, Sandton, Ganteng, South Africa. Li, T. & Wang, G. (2007). Security analysis of two ultra-lightweight RFID authentication protocols. In Proceedings of 22nd IFIP TC-11 Int’1 information security conference, Sandton, Ganteng, South Africa.
18.
Zurück zum Zitat Li, T., & Deng, R. (2007). Vulnerability analysis of EMAP-an efficient RFID mutual authentication protocol. In Proceedings of second international conference on availability, reliability, and security (AReS’07), Vienna, Austria. Li, T., & Deng, R. (2007). Vulnerability analysis of EMAP-an efficient RFID mutual authentication protocol. In Proceedings of second international conference on availability, reliability, and security (AReS’07), Vienna, Austria.
19.
Zurück zum Zitat Lo, N. W., Yeh, K.-H., & Chen, H.-Y. (2012). Analysis against secret redundancy mechanism for RFID authentication protocol. In 2012 IEEE international conference on, communication, network and satellite (ComNetSat). IEEE. Lo, N. W., Yeh, K.-H., & Chen, H.-Y. (2012). Analysis against secret redundancy mechanism for RFID authentication protocol. In 2012 IEEE international conference on, communication, network and satellite (ComNetSat). IEEE.
20.
Zurück zum Zitat Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Li, T. (2010). Quasi-linear cryptanalysis of a secure RFID ultralightweight authentication protocol. In 6th China international conference on information security and cryptology-Inscrypt’10. Shanghai, China: Springer. Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Li, T. (2010). Quasi-linear cryptanalysis of a secure RFID ultralightweight authentication protocol. In 6th China international conference on information security and cryptology-Inscrypt’10. Shanghai, China: Springer.
21.
Zurück zum Zitat Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2006). EMAP: An efficient mutual authentication protocol for low-cost RFID tags. In O. T. M. Federated (Ed.) Conferences and workshop: IS workshop, Montpellier, France. Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2006). EMAP: An efficient mutual authentication protocol for low-cost RFID tags. In O. T. M. Federated (Ed.) Conferences and workshop: IS workshop, Montpellier, France.
22.
Zurück zum Zitat Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2006). LMAP: A real lightweight mutual authentication protocol for low-cost RFID tags. In Proceedings of 2nd workshop RFID security. Graz, Austria: Ecrypt. Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2006). LMAP: A real lightweight mutual authentication protocol for low-cost RFID tags. In Proceedings of 2nd workshop RFID security. Graz, Austria: Ecrypt.
23.
Zurück zum Zitat Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2006). M\(^{2}\)AP: a minimalist mutual-authentication protocol for low-cost RFID tags. In Proceedings of 2006 international conference on ubiquitous intelligence and computing, Wuhan and Three Gorges. Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2006). M\(^{2}\)AP: a minimalist mutual-authentication protocol for low-cost RFID tags. In Proceedings of 2006 international conference on ubiquitous intelligence and computing, Wuhan and Three Gorges.
24.
Zurück zum Zitat Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2009). Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. In Information security applications, pp. 56–68. Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2009). Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. In Information security applications, pp. 56–68.
25.
Zurück zum Zitat Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & van der Lubbe, J. C. A. (2010). Security flaws in a recent ultralightweight RFID protocol, In: Workshop on RFID security-RFIDSec Asia’10, Singapore. Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & van der Lubbe, J. C. A. (2010). Security flaws in a recent ultralightweight RFID protocol, In: Workshop on RFID security-RFIDSec Asia’10, Singapore.
26.
Zurück zum Zitat Phan, R. C. W. (2009). Cryptanlysis of a new ultralightweight RFID authentication protocol-SASI. IEEE Transactions on Dependable and Secure Computing, 6, 316–320.CrossRef Phan, R. C. W. (2009). Cryptanlysis of a new ultralightweight RFID authentication protocol-SASI. IEEE Transactions on Dependable and Secure Computing, 6, 316–320.CrossRef
27.
Zurück zum Zitat Sun, H. N., Ting, W. C., & Wang, K. H. (2011). On the Security of Chien’s ultralightweight RFID authentication protocol. IEEE Transactions on Dependable and Secure Computing, 8, 315–317.CrossRef Sun, H. N., Ting, W. C., & Wang, K. H. (2011). On the Security of Chien’s ultralightweight RFID authentication protocol. IEEE Transactions on Dependable and Secure Computing, 8, 315–317.CrossRef
28.
Zurück zum Zitat Tagra, D., Rahman, M., & Sampalli, S. (2010). Technique for preventing DoS attacks on RFID systems, In: 18th international conference on software telecommunications and computer networks-SoftCOM’10. Bol, Island of Brac, Croatia: IEEE Computer Society. Tagra, D., Rahman, M., & Sampalli, S. (2010). Technique for preventing DoS attacks on RFID systems, In: 18th international conference on software telecommunications and computer networks-SoftCOM’10. Bol, Island of Brac, Croatia: IEEE Computer Society.
29.
Zurück zum Zitat Tian, Y., Chen, G., & Li, J. (2012). A new ultralightweight RFID authentication protocol with permutation. IEEE Communications Letters, 16, 702–705.CrossRef Tian, Y., Chen, G., & Li, J. (2012). A new ultralightweight RFID authentication protocol with permutation. IEEE Communications Letters, 16, 702–705.CrossRef
30.
Zurück zum Zitat Wang, S., Han, Z., Liu, S., & Chen, D. (2012). Security analysis of RAPP: an RFID authentication protocol based on Permutation, Cryptology ePrint Archive, Report 2012/327. Wang, S., Han, Z., Liu, S., & Chen, D. (2012). Security analysis of RAPP: an RFID authentication protocol based on Permutation, Cryptology ePrint Archive, Report 2012/327.
31.
Zurück zum Zitat Zhuang, X., Zhu, Y., & Chang, C. C. (2013). Security Analysis of Ultralightweight RFID Protocols. Technique Report. Zhuang, X., Zhu, Y., & Chang, C. C. (2013). Security Analysis of Ultralightweight RFID Protocols. Technique Report.
32.
Zurück zum Zitat Zhuang, X., Wang, Z. H., Chang, C. C., & Zhu, Y. (2013). Security analysis of a new ultra-lightweight RFID protocol and its improvement. Journal of Information Hiding and Multimedia Signal Processing, 4, 165–180. Zhuang, X., Wang, Z. H., Chang, C. C., & Zhu, Y. (2013). Security analysis of a new ultra-lightweight RFID protocol and its improvement. Journal of Information Hiding and Multimedia Signal Processing, 4, 165–180.
Metadaten
Titel
A New Ultralightweight RFID Protocol for Low-Cost Tags: RAP
verfasst von
Xu Zhuang
Yan Zhu
Chin-Chen Chang
Publikationsdatum
01.12.2014
Verlag
Springer US
Erschienen in
Wireless Personal Communications / Ausgabe 3/2014
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI
https://doi.org/10.1007/s11277-014-1958-x

Weitere Artikel der Ausgabe 3/2014

Wireless Personal Communications 3/2014 Zur Ausgabe

Neuer Inhalt