“…The number of times (x) a object is authenticated in a zone accounts for a total of x *(4T XOR +4T PRNG +1T EDC +2T RNG ). Performance Analysis of MKT phase (mutual authentication, key update and ticket computation) in [1] is analyzed for the time complexity of the operations (TXOR-time complexity of the XOR operation, TRNG -time complexity of the random number generation operation, TPRNG-time complexity of Pseudo Random number function, TPER-time complexity of permutation operation, T MOD -time complexity of modulus operation) used in mutual authentication. Table 5 projects the total time complexity at a tag identifying the object and a reader (authenticator).…”
Section: Desynchronization Attackmentioning
confidence: 99%
“…Reliable security solutions for RF applications demand security requirements with respect to authentication, integrity, privacy, anonymity, session freshness, synchronization. Interesting threads of research in this direction have been the focus of [1]- [6]. As RF systems are chiefly low-powered, it is important that the security solutions take into consideration computing over heads.…”
Section: Introductionmentioning
confidence: 99%
“…Replay attack involves using an object's response to an authenticator's challenge to impersonate the object [17]. These attacks can be countered in RF systems by providing privacy protection and authentication [1], [2], [7], [18][19][20].…”
Section: Introductionmentioning
confidence: 99%
“…Proposes a light weight mutual authentication and ownership management scheme by using limited cryptographic functionality [1]. The scheme is done in two phases.…”
mentioning
confidence: 99%
“…While [1], [18] have not considered mobile RF systems, [19] implements a light weight authentication for mobile RF system with grouped tags to identify objects. The authentication for tags is based on PRNG mainly because the low-cost tags are restricted in storage capacity and computational power.…”
Automatic identification systems represent a wide classification of devices used primarily in commercial settings for inventory/logistics control. Familiar examples of such devices are bar codes, magnetic strips, smart cards, RFID (Radio frequency identification) and biometric and voice recognition. Security is especially lax in low powered RF (radio frequency) systems communicating through an unsecured radio wave channel. Security represents a critical component for enabling the large scale adoption of automatic identification systems. Providing an effective security solution for low powered systems is a major area of concern; it directs research towards 'power consumption aware' computations in security solutions. This paper proposes a Lightweight Inter-Zonal Authentication Protocol for moving objects in low powered RF systems. Formal validation and a thorough analysis of the protocol in SPAN security tool reveals its effectiveness and resiliency to attacks-eaves dropping, reader and tag impersonation, replay and desynchronization.
“…The number of times (x) a object is authenticated in a zone accounts for a total of x *(4T XOR +4T PRNG +1T EDC +2T RNG ). Performance Analysis of MKT phase (mutual authentication, key update and ticket computation) in [1] is analyzed for the time complexity of the operations (TXOR-time complexity of the XOR operation, TRNG -time complexity of the random number generation operation, TPRNG-time complexity of Pseudo Random number function, TPER-time complexity of permutation operation, T MOD -time complexity of modulus operation) used in mutual authentication. Table 5 projects the total time complexity at a tag identifying the object and a reader (authenticator).…”
Section: Desynchronization Attackmentioning
confidence: 99%
“…Reliable security solutions for RF applications demand security requirements with respect to authentication, integrity, privacy, anonymity, session freshness, synchronization. Interesting threads of research in this direction have been the focus of [1]- [6]. As RF systems are chiefly low-powered, it is important that the security solutions take into consideration computing over heads.…”
Section: Introductionmentioning
confidence: 99%
“…Replay attack involves using an object's response to an authenticator's challenge to impersonate the object [17]. These attacks can be countered in RF systems by providing privacy protection and authentication [1], [2], [7], [18][19][20].…”
Section: Introductionmentioning
confidence: 99%
“…Proposes a light weight mutual authentication and ownership management scheme by using limited cryptographic functionality [1]. The scheme is done in two phases.…”
mentioning
confidence: 99%
“…While [1], [18] have not considered mobile RF systems, [19] implements a light weight authentication for mobile RF system with grouped tags to identify objects. The authentication for tags is based on PRNG mainly because the low-cost tags are restricted in storage capacity and computational power.…”
Automatic identification systems represent a wide classification of devices used primarily in commercial settings for inventory/logistics control. Familiar examples of such devices are bar codes, magnetic strips, smart cards, RFID (Radio frequency identification) and biometric and voice recognition. Security is especially lax in low powered RF (radio frequency) systems communicating through an unsecured radio wave channel. Security represents a critical component for enabling the large scale adoption of automatic identification systems. Providing an effective security solution for low powered systems is a major area of concern; it directs research towards 'power consumption aware' computations in security solutions. This paper proposes a Lightweight Inter-Zonal Authentication Protocol for moving objects in low powered RF systems. Formal validation and a thorough analysis of the protocol in SPAN security tool reveals its effectiveness and resiliency to attacks-eaves dropping, reader and tag impersonation, replay and desynchronization.
Over the past decade, besides authentication, ownership management protocols have been suggested to transfer or delegate the ownership of RFID tagged items. Recently, Niu et al. have proposed an authentication and ownership management protocol based on 16-bit pseudo random number generators and exclusive-or operations which both can be easily implemented on low-cost RFID passive tags in EPC global Class-1 Generation-2 standard. They claim that their protocol offers location and data privacy and also resists against desynchronization attack. In this paper, we analyze the security of their proposed authentication and ownership management protocol and show that the protocol is vulnerable to secret disclosure and desynchronization attacks. The complexity of most of the attacks are only two runs of the protocol and the success probability of the attacks are almost 1.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.