Author
Listed:
- Masoumeh Safkhani
(Computer Engineering Department, Shahid Rajaee Teacher Training University, Tehran 16788-15811, Iran
These authors contributed equally to this work.)
- Nasour Bagheri
(Electrical Engineering Department, Shahid Rajaee Teacher Training University, Tehran 16788-15811, Iran
School of Computer Science, Institute for Research in Fundamental Sciences (IPM), Tehran 19538-33511, Iran
These authors contributed equally to this work.)
- Mahyar Shariat
(Computer Engineering Department, Shahid Rajaee Teacher Training University, Tehran 16788-15811, Iran
These authors contributed equally to this work.)
Abstract
Passive Radio Frequency IDentification (RFID) tags are generally highly constrained and cannot support conventional encryption systems to meet the required security. Hence, designers of security protocols may try to achieve the desired security only using limited ultra-lightweight operations. In this paper, we show that the security of such protocols is not provided by using rotation functions. In the following, for an example, we investigate the security of an RFID authentication protocol that has been recently developed using rotation function named ULRAS, which stands for an Ultra-Lightweight RFID Authentication Scheme and show its security weaknesses. More precisely, we show that the ULRAS protocol is vulnerable against de-synchronization attack. The given attack has the success probability of almost ‘1’, with the complexity of only one session of the protocol. In addition, we show that the given attack can be used as a traceability attack against the protocol if the parameters’ lengths are an integer power of 2, e.g., 128. Moreover, we propose a new authentication protocol named UEAP, which stands for an Ultra-lightweight Encryption based Authentication Protocol, and then informally and formally, using Scyther tool, prove that the UEAP protocol is secure against all known active and passive attacks.
Suggested Citation
Masoumeh Safkhani & Nasour Bagheri & Mahyar Shariat, 2018.
"On the Security of Rotation Operation Based Ultra-Lightweight Authentication Protocols for RFID Systems,"
Future Internet, MDPI, vol. 10(9), pages 1-15, August.
Handle:
RePEc:gam:jftint:v:10:y:2018:i:9:p:82-:d:164832
Download full text from publisher
Corrections
All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:gam:jftint:v:10:y:2018:i:9:p:82-:d:164832. See general information about how to correct material in RePEc.
If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.
We have no bibliographic references for this item. You can help adding them by using this form .
If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.
For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: MDPI Indexing Manager (email available below). General contact details of provider: https://www.mdpi.com .
Please note that corrections may take a couple of weeks to filter through
the various RePEc services.
Printed from https://ideas.repec.org/a/gam/jftint/v10y2018i9p82-d164832.html
