Secure RFID Authentication Schemes Based on Security Analysis and Improvements of the USI Protocol

Abstract: Wireless radio frequency identification (RFID) has been widely used as the core technology of the Internet of Things, but it also brings many potential security risks. In this paper, two typical RFID security authentication protocols are analyzed in depth. The results show that the two protocols have security risks, and two targeted attack methods are proposed. Next, two RFID security authentication protocols which can resist the DoS, replay, and tracing attacks are designed. The first protocol uses index grou… Show more

“…Our security analysis clearly highlights critical security pitfalls in this protocol. This work completes the recent work of Gao et al [26]. 2) We introduce a novel security model which can be employed in order to analyze the security of a protocol for which the communication channel between a reader and the back-end server is insecure.…”

“…eavesdropping, replay, impersonation and DoS attacks. However, recently Gao et al have shown that the server-less protocol suffers from traceability attack [26]. In this article, we also show that the major security pitfalls of server-mounted authentication protocol, we call it SMAP (stands for servermounted authentication protocol), which has been proposed by Wang and Ma [20] .…”

“…It should be noted such information has already been used to trace a tag, e.g. [33], [34], [35], [26] to trace the tag in a search protocol or [26] to trace the tag in the server-less version of Wang and Ma protocol. The main idea behind such a traceability is to send several queries and then determine whether the given tag is the target tag or not.…”

A New Strong Adversary Model for RFID Authentication Protocols

“…Our security analysis clearly highlights critical security pitfalls in this protocol. This work completes the recent work of Gao et al [26]. 2) We introduce a novel security model which can be employed in order to analyze the security of a protocol for which the communication channel between a reader and the back-end server is insecure.…”

“…eavesdropping, replay, impersonation and DoS attacks. However, recently Gao et al have shown that the server-less protocol suffers from traceability attack [26]. In this article, we also show that the major security pitfalls of server-mounted authentication protocol, we call it SMAP (stands for servermounted authentication protocol), which has been proposed by Wang and Ma [20] .…”

“…It should be noted such information has already been used to trace a tag, e.g. [33], [34], [35], [26] to trace the tag in a search protocol or [26] to trace the tag in the server-less version of Wang and Ma protocol. The main idea behind such a traceability is to send several queries and then determine whether the given tag is the target tag or not.…”

A New Strong Adversary Model for RFID Authentication Protocols

“…In 2012, Wang and Ma [34] proposed two RFID authentication protocols, a server-less one and a server-mounted one. But later analyses [35], [36] showed that the server-less version cannot resist traceability attacks, and the server-mounted version suffers from impersonation attacks. In 2015, Srivastava et al [37] proposed an authentication protocol to protect TIMSs, which is based on hash function and shared secrets.…”

“…Lee et al [51] proposed an authentication mechanism for smart devices, using TKIP (temporal key integrity protocol) encryption. Gao et al [35] designed an authentication scheme based on Rabin public key cryptography. Hosseinzadeh et al [52] showed that Gao et al's scheme [35] is insecure against impersonation and desynchronization attacks, and then proposed an improved protocol.…”

SecMAP: A Secure RFID Mutual Authentication Protocol for Healthcare Systems

URASP: An ultralightweight RFID authentication scheme using permutation operation