A Lightweight Authentication Scheme for RFID with Permutation Operation on Passive Tags
- سال انتشار: 1400
- محل انتشار: مجله محاسبات و امنیت، دوره: 8، شماره: 2
- کد COI اختصاصی: JR_JCSE-8-2_006
- زبان مقاله: انگلیسی
- تعداد مشاهده: 139
نویسندگان
Department of Electrical Engineering, Khorasgan (Isfahan) Branch, Islamic Azad University, Isfahan, Iran.
Department of Electrical Engineering, Khorasgan (Isfahan) Branch, Islamic Azad University, Isfahan, Iran.
Department of Electrical Engineering, Khorasgan (Isfahan) Branch, Islamic Azad University, Isfahan, Iran.
چکیده
Rapid and ever-increasing Internet of things (IoT) developments have brought about great hopes of improving the quality of human life. Radio-frequency identification (RFID) employed as a backup technology in the IoT is widely used in different aspects of life. Therefore, high priority should be given to security problems and user privacy protection. However, limited computational power and storage resources in passive tags have made the implementation of security measures difficult in RFID. In other words, the design of lightweight authentication protocols for RFID systems is still a major challenge in RFID security. A lightweight authentication protocol has been recently proposed for passive tags by Liu et al. Using specific inverse operations in the IOLAS protocol, they claimed that the lightweight bitwise operations would make this protocol resistant against known and potential attacks in RFID systems. This study aimed to show that the same inverse operations pose the main problem so that this protocol fails to guarantee backward security. It was also indicated that the IOLAS protocol is vulnerable to replay, reader impersonation, tag tracking attacks, and secret disclosure attack. Finally, we improved the IOLAS protocol and proposed the POLAS protocol, which is resistant to the currently known attacks. We analyze the security level of the proposed protocols and prove the security of the proposed design using BAN (Burrows-Abadi-Needham) logic. We also formally confirmed the security of the proposal using the Scyther simulation tool. According to security analysis, we can observe that this protocol have a high level of security. A comparison of the performance of the POLAS protocol shows that this protocol is comparable to similar protocols in terms of computational costs, storage costs, and communication costs.کلیدواژه ها
RFID, Replay attacks, Reader impersonation, Tag trackingاطلاعات بیشتر در مورد COI
COI مخفف عبارت CIVILICA Object Identifier به معنی شناسه سیویلیکا برای اسناد است. COI کدی است که مطابق محل انتشار، به مقالات کنفرانسها و ژورنالهای داخل کشور به هنگام نمایه سازی بر روی پایگاه استنادی سیویلیکا اختصاص می یابد.
کد COI به مفهوم کد ملی اسناد نمایه شده در سیویلیکا است و کدی یکتا و ثابت است و به همین دلیل همواره قابلیت استناد و پیگیری دارد.