JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE) ›› 2019, Vol. 54 ›› Issue (5): 52-76.doi: 10.6040/j.issn.1671-9352.2.2018.079

•   • Previous Articles     Next Articles

A lightweight anti-desynchronization RFID mutual authentication protocol

Xin-min DAI1(),Xiao-yao XIE2,*()   

  1. 1. School of Computer Science and Technology, Guizhou University, Guiyang 550025, Guizhou, China
    2. Key Laboratory of Information and Computing Science of Guizhou Province, Guizhou Normal University, Guiyang 550001, Guizhou, China
  • Received:2018-09-20 Online:2019-05-20 Published:2019-05-09
  • Contact: Xiao-yao XIE E-mail:xmdai@gzu.edu.cn;xiexy@gzu.edu.cn
  • Supported by:
    国家自然科学基金资助项目(61461009);贵州省科学技术基金资助项目(黔科合J字[2011]2200号)

Abstract:

Lightweight radio frequency identification (RFID) protocols usually adopt a synchronous update mechanism to avoid leakage of location privacy, but it brings the problem of desynchronization attack. Desynchronization attack can cause inconsistent updates of the secret data between the tag and the database. As a result, the tag does not work properly. After the analysis of an existing protocol, it is found that it is vulnerable to the attack of desynchronization. In view of the defects of the existing protocol, a new lightweight mutual authentication protocol against desynchronization attack is proposed. The formal analysis of the new protocol is carried out by using the ideal honest theory of the strand space, which proves the correctness of the new protocol.

Key words: RFID, security protocol, physically unclonable function, desynchronization attack, strand space

CLC Number: 

  • TN915.08

Fig.1

KMP+ protocol"

Fig.2

Message exchange in KMP+"

Fig.3

The first bundle of desynchronization attack"

Fig.4

The second bundle of desynchronization attack"

Fig.5

New protocol"

Fig.6

Message exchange in new protocol"

Table 1

The comparison of security of related protocols"

安全目标RMABPKMPKMP+新协议
抗假冒攻击××
抗去同步攻击××
抗信息泄露×
抗重放攻击××
前向安全×
抗克隆攻击
不可追踪×
双向认证×

Table 2

The comparison of performance of related protocols"

性能要求RMABPKMPKMP+新协议
标签存储2L3L4L4L
DB存储2L4L5L7L
通信开销4L4L5L5L
标签计算量2P+1LF2P+3LF2P+4LF2P+4LF
DB计算量(0.5n+1)P+1LF0P+3LF0P+5LF0P+4.5LF
1 PANG L J, HE L W, PEI Q Q, et al. Secure and efficient mutual authentication protocol for RFID conforming to the EPC C-1 G-2 standard[C]//2013 IEEE Wireless Communications and Networking Conference (WCNC), Shanghai: IEEE, 2013: 1870-1875.
2 WANG S H , LIU S J , CHEN D W . Security analysis and improvement on two RFID authentication protocols[J]. Wireless Personal Communications, 2015, 82 (1): 21- 33.
doi: 10.1007/s11277-014-2189-x
3 SAFKHANI M , HOSSEINZADEH M , NAMIN M E , et al. On the (Im)possibility of receiving security beyond 2l using an l-bit PRNG[J]. Wireless Personal Communications, 2017, 92 (4): 1591- 1597.
doi: 10.1007/s11277-016-3623-z
4 XIAO F , ZHOU Y J , ZHOU J X , et al. Security protocol for RFID system conforming to EPC-C1 G2 standards[J]. Journal of Computers, 2013, 8 (3): 605- 612.
5 ABDOLMALEKI B, BAGHERY K, AKHBARI B, et al. Analysis of Xiao et al.'s authentication protocol conforming to EPC C1 G2 standard[C]//2016 8th International Symposium on Telecommunications (IST), Iran:IEEE, 2016:111-116.
6 DELVAUX J , PEETERS R , GU D W , et al. A survey on lightweight entity authentication with strong PUFs[J]. ACM Computing Surveys, 2015, 48 (2): 1- 42.
7 BOLOTNYY L, ROBINS G. Physically unclonable function-based security and privacy in RFID systems[C]//Fifth Annual IEEE International Conference on Pervasive Computing and Communications. New York: IEEE, 2007: 211-220.
8 KULSENG L, YU Z, WEI Y W, et al. Lightweight mutual authentication and ownership transfer for RFID systems[C]//2010 Proceedings IEEE INFOCOM Conference. San Diego: IEEE, 2010: 1-5.
9 KARDAS S, AKGÜN M, KIRAZ M S, et al. Cryptanalysis of lightweight mutual authentication and ownership transfer for RFID systems[C]//2011 Workshop on Lightweight Security & Privacy: Devices, Protocols, and Applications. Istanbul: IEEE, 2011: 20-25.
10 BASSIL R, EL-BEAINO W, KAYSSI A, et al. A PUF-based ultra-lightweight mutual-authentication RFID protocol[C]//Internet Technology and Secured Transactions (ICITST). New York: IEEE, 2011: 495-499.
11 李晖, 夏伟, 邓冠阳, 等. 超轻量级双向认证协议PUMAP的安全性分析[J]. 北京理工大学学报, 2013, 33 (12): 1259- 1262.
doi: 10.3969/j.issn.1001-0645.2013.12.010
LI Hui , XIA Wei , DENG Guanyang , et al. Security analysis of a PUF based ultra-lightweight mutual authentication RFID protocol-PUMAP[J]. Transactions of Beijing Institute of Technology, 2013, 33 (12): 1259- 1262.
doi: 10.3969/j.issn.1001-0645.2013.12.010
12 徐旭光, 欧毓毅, 凌捷, 等. 基于PUF的轻量级RFID安全认证协议[J]. 计算机应用与软件, 2014, 31 (11): 302- 306.
doi: 10.3969/j.issn.1000-386x.2014.11.077
XU Xuguang , OU Yuyi , LING Jie , et al. Lightweight rfid secure authentication protocol based on puf[J]. Computer Applications and Software, 2014, 31 (11): 302- 306.
doi: 10.3969/j.issn.1000-386x.2014.11.077
13 寇红召, 张紫楠, 马骏, 等. 基于物理不可克隆函数的RFID双除认证[J]. 计算机工程, 2013, 39 (6): 142- 145.
KOU Hongzhao , ZHANG Zinan , MA Jun , et al. RFID mutual authentication based on physical unclonable function[J]. Computer Engineering, 2013, 39 (6): 142- 145.
14 柳毅, 顾国生. 一种新的轻量级RFID双向认证协议[J]. 计算机科学, 2017, 44 (2): 206- 208, 227.
LIU Yi , GU Guosheng . New mutual authentication for lightweight RFID protocols[J]. Computer Science, 2017, 44 (2): 206- 208, 227.
15 THAYER FÁBREGA F J , HERZOG J C , GUTTMAN J D . Strand spaces: proving security protocols correct[J]. Journal of Computer Security, 1999, 7 (2/3): 191- 230.
16 THAYER F F J, HERZOG J C, GUTTMAN J D. Honest ideals on strand spaces[C]//Proceedings of 11th IEEE ComputerSecurity Foundations Workshop. Rockport: IEEE, 1998: 66-77.
[1] MENG Bo, LU Jin-tian, WANG De-jun, HE Xu-dong. Survey of security analysis of security protocol implementations [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2018, 53(1): 1-18.
[2] WANG Xu-yu, JING Feng-xuan, WANG Yu-qing. An improved hash-based RFID security authentication algorithm [J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(09): 154-159.
[3] RAO Xu-li1, ZHANG Mei-ping2, XU Li2. The RFID card reader system design based on Zigbee technology [J]. J4, 2013, 48(7): 62-67.
[4] RAO Xu-li1, ZHANG Mei-ping2, MA Xian-hu2. Design of laboratory equipment monitoring management system based on the internet of things [J]. J4, 2012, 47(11): 74-77.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] ZHAO Jun1, ZHAO Jing2, FAN Ting-jun1*, YUAN Wen-peng1,3, ZHANG Zheng1, CONG Ri-shan1. Purification and anti-tumor activity examination of water-soluble asterosaponin from Asterias rollestoni Bell[J]. J4, 2013, 48(1): 30 -35 .
[2] YANG Yong-wei1, 2, HE Peng-fei2, LI Yi-jun2,3. On strict filters of BL-algebras#br#[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(03): 63 -67 .
[3] MENG Xiang-bo1, ZHANG Li-dong1, DU Zi-ping2. Investment and reinsurance strategy for insurers under #br# mean-variance criterion with jumps#br#[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(05): 36 -40 .
[4] HAN Ya-fei, YI Wen-hui, WANG Wen-bo, WANG Yan-ping, WANG Hua-tian*. Soil bacteria diversity in continuous cropping poplar plantation#br# by high throughput sequencing[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(05): 1 -6 .
[5] PENG Zhen-hua, XU Yi-hong*, TU Xiang-qiu. Optimality conditions for weakly efficient elements of nearly preinvex set-valued optimizaton#br#[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(05): 41 -44 .
[6] LIU Zhan-jie1, MA Ru-ning1, ZOU Guo-ping1, ZHONG Bao-jiang2, DING Jun-di 3. An algorithm for color image segmentation based on region growth[J]. J4, 2010, 45(7): 76 -80 .
[7] LUO Si-te, LU Li-qian, CUI Ruo-fei, ZHOU Wei-wei, LI Zeng-yong*. Monte-Carlo simulation of photons transmission at alcohol wavelength in  skin tissue and design of fiber optic probe[J]. J4, 2013, 48(1): 46 -50 .
[8] GUO Lan-lan1,2, GENG Jie1, SHI Shuo1,3, YUAN Fei1, LEI Li1, DU Guang-sheng1*. Computing research of the water hammer pressure in the process of #br# the variable speed closure of valve based on UDF method[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(03): 27 -30 .
[9] ZHOU Wei-na, ZUO Lian-cui*. A(d,1)-total labeling of Cartesian products of some classes of graphs#br#[J]. JOURNAL OF SHANDONG UNIVERSITY(NATURAL SCIENCE), 2014, 49(04): 24 -28 .
[10] Ming-Chit Liu. THE TWO GOLDBACH CONJECTURES[J]. J4, 2013, 48(2): 1 -14 .