Skip to main content
SpringerLink
Log in

Formal Analysis and Verification for an Ultralightweight Authentication Protocol RAPP of RFID

  • Conference paper
  • First Online:
Theoretical Computer Science (NCTCS 2017)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 768))

Included in the following conference series:

Abstract

Radio Frequency Identification (RFID) technique, as the core of Internet of Things, is facing security threats. It is critical to protect information security in RFID system. Ultralightweigh authentication protocols are an important class of RFID lightweight authentication protocols. RAPP is a recently proposed ultralightweight authentication protocol, which is different from any other existing protocols due to the use of permutation. Formal methods are vital for ensuring the security and reliability of software systems, especially safety-critical systems. A protocol abstract modeling method is presented to build abstract interaction model of RAPP which can be formalized by extracting interaction features. Due to the complexity of fundamental cryptograph operations in RAPP, the proposed method overcomes the limitation which is inconvenient to discuss security of RAPP directly with formal method. Using SPIN, authenticity and consistency of RAPP properties is verified. Analysis and verification result shows that RAPP is vulnerable against desynchronization attack. The proposed modeling method above has great significance in formal analysis of similar ultralightweight authentication protocols of RFID.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Bruce, N., Kim, H., Kang, Y., Lee, Y., Lee, H.: On modeling protocol-based clustering tag in RFID systems with formal security analysis. In: 2015 IEEE 29th International Conference on Advanced Information Networking and Applications (AINA), pp. 498–505 (2015). doi:10.1109/AINA.2015.227

  2. Qian, Q., Jia, Y.L., Zhang, R.: A lightweight RFID security protocol based on elliptic curve crytography. Int. J. Netw. Secur. 18(2), 354–361 (2016)

    Google Scholar 

  3. López, P.P., Castro, D.D.J.C.H., Garnacho, D.D.A.R.: Lightweight cryptography in radio frequency identification (RFID) systems. Computer Science Department, Carlos III University of Madrid (2008)

    Google Scholar 

  4. Chien, H.Y., Huang, C.W.: Security of ultra-lightweight RFID authentication protocols and its improvements. ACM SIGOPS Oper. Syst. Rev. 41(4), 83–86 (2007). doi:10.1145/1278901.1278916

    Article  Google Scholar 

  5. Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E., Ribagorda, A.: Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. In: Chung, K., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 56–68. Springer, Heidelberg (2009). doi:10.1007/978-3-642-00306-6_5

    Chapter  Google Scholar 

  6. Chien, H.Y.: SASI: a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans. Dependable Secure Comput. 4(4), 337–340 (2007). doi:10.1109/tdsc.2007.70226

    Article  Google Scholar 

  7. Gurubani, J.B., Thakkar, H., Patel, D.R.: Improvements over extended LMAP+: RFID authentication protocol. In: Dimitrakos, T., Moona, R., Patel, D., McKnight, D.H. (eds.) IFIPTM 2012. IAICT, vol. 374, pp. 225–231. Springer, Heidelberg (2012). doi:10.1007/978-3-642-29852-3_17

    Chapter  Google Scholar 

  8. Tian, Y., Chen, G., Li, J.: A new ultralightweight RFID authentication protocol with permutation. IEEE Commun. Lett. 16(5), 702–705 (2012). doi:10.1109/lcomm.2012.031212.120237

    Article  Google Scholar 

  9. Xiao, M., Ma, C., Deng, C., Zhu, K.: A novel approach to automatic security protocol analysis based on authentication event logic. Chin. J. Electron. 24(1), 187–192 (2015). doi:10.1049/cje.2015.01.031

    Article  Google Scholar 

  10. Holzmann, G.J.: The model checker SPIN. IEEE Trans. Software Eng. 23(5), 279–295 (1997)

    Article  Google Scholar 

  11. Maggi, P., Sisto, R.: Using SPIN to verify security properties of cryptographic protocols. In: Bošnački, D., Leue, S. (eds.) SPIN 2002. LNCS, vol. 2318, pp. 187–204. Springer, Heidelberg (2002). doi:10.1007/3-540-46017-9_14

    Chapter  Google Scholar 

  12. Dolev, D., Yao, A.: On the security of public key protocols. IEEE Trans. Inf. Theory 29(2), 198–208 (1983)

    Article  MathSciNet  MATH  Google Scholar 

  13. Qingling, C., Yiju, Z., Yonghua, W.: A minimalist mutual authentication protocol for RFID system & BAN logic analysis. In: ISECS International Colloquium on Computing, Communication, Control, and Management, CCCM 2008, vol. 2, pp. 449–453. IEEE (2008). doi:10.1109/CCCM.2008.305

  14. Islam, S.: Security analysis of LMAP using AVISPA. Int. J. Secure. Netw. 9(1), 30–39 (2014). doi:10.1504/ijsn.2014.059325

    Article  Google Scholar 

  15. Yuan, G., Long, S.: Formal verification of RFID protocols using nuXmv. In: 2016 10th IEEE International Conference on Anti-counterfeiting, Security, and Identification (ASID), pp. 58–62. IEEE (2016). doi:10.1109/ICASID.2016.7873917

  16. Bagheri, N., Safkhani, M., Peris-Lopez, P., Tapiador, J.E.: Cryptanalysis of RAPP, an RFID authentication protocol. IACR Cryptology ePrint Archive, p. 702 (2012)

    Google Scholar 

  17. Shao-hui, W., Zhijie, H., Sujuan, L., Dan-wei, C.: Security analysis of RAPP an RFID authentication protocol based on permutation. College of computer, Nanjing University of Posts and Telecommunications, Nanjing, 210046 (2012)

    Google Scholar 

  18. Ahmadian, Z., Salmasizadeh, M., Aref, M.R.: Desynchronization attack on RAPP ultralightweight authentication protocol. Inf. Process. Lett. 113(7), 205–209 (2013). doi:10.1016/j.ipl.2013.01.003

    Article  MathSciNet  MATH  Google Scholar 

  19. Bruce, N., Kim, H., Kang, Y., Lee, Y., Lee, H.: On modeling protocol-based clustering tag in RFID systems with formal security analysis. In: 2015 IEEE 29th International Conference on Advanced Information Networking and Applications (AINA), pp. 498–505. IEEE (2015). doi:10.1109/aina.2015.227

  20. Hou, G., Zhou, K., Yong, J.: Survey of state explosion problem in model checking. Comput. Sci. 40(06A), 77–86 (2013). doi:10.3969/j.issn.1002-137X.2013.z1.018

    Google Scholar 

  21. Xiao, M., Xue, J.: Formal description of properties of concurrency system by temporal logic. J. Naval Univ. Eng. 05, 10–13 (2004). doi:10.3969/j.issn.1009-3486.2004.05.003

    Google Scholar 

Download references

Acknowledgements

This work is supported by National Natural Science Foundation of China (NSFC) under grant of No. 61163005 and 61562026, the Natural Science Foundation of Jiangxi Province of China under grant of No. 20161BAB202063, and the Foreign Science Technology Cooperation Project of Jiangxi Province (No. 20151BDH80005).

Author information

Authors and Affiliations

  1. School of Software, East China Jiaotong University, Nanchang, 330013, People’s Republic of China

    Wei Li, Meihua Xiao, Yanan Li, Yingtian Mei, Xiaomei Zhong & Jimin Tu

Authors
  1. Wei Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Meihua Xiao
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Yanan Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Yingtian Mei
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Xiaomei Zhong
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Jimin Tu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Wei Li .

Editor information

Editors and Affiliations

  1. The University of Texas at Dallas, Richardson, Texas, USA

    Dingzhu Du

  2. Hefei University of Technology, Hefei, Anhui Province, China

    Lian Li

  3. National University of Defense Technology, Changsha, Hunan, China

    En Zhu

  4. Huazhong University of Science and Technology, Wuhan, Hubei, China

    Kun He

Rights and permissions

Reprints and permissions

Copyright information

© 2017 Springer Nature Singapore Pte Ltd.

About this paper

Cite this paper

Li, W., Xiao, M., Li, Y., Mei, Y., Zhong, X., Tu, J. (2017). Formal Analysis and Verification for an Ultralightweight Authentication Protocol RAPP of RFID. In: Du, D., Li, L., Zhu, E., He, K. (eds) Theoretical Computer Science. NCTCS 2017. Communications in Computer and Information Science, vol 768. Springer, Singapore. https://doi.org/10.1007/978-981-10-6893-5_9

Download citation

  • DOI: https://doi.org/10.1007/978-981-10-6893-5_9

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-10-6892-8

  • Online ISBN: 978-981-10-6893-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation