Abstract
RFID (Radio Frequency Identification) is a crucial application technology in the Internet of Things (IoT) technology. The IoT terminal device needs to be authenticated before accessing the IoT network in order to avoid security holes. Due to the limited resources of the tag side in passive RFID systems, ultra-lightweight RFID authentication protocols are often used in such systems. Based on the characteristics of the ultra-lightweight authentication protocol, we propose a safe and efficient mutual authentication protocol which uses only bitwise operation including XOR and circular left-rotation operation. Cryptanalysis shows that the proposed protocol can prevent many known attacks and has better security performance than some existing ultra-lightweight protocols. In addition, performance evaluation shows that the proposed protocol performs better than the existing ultra-lightweight protocols in terms of computational cost, storage requirement and communication cost.
Similar content being viewed by others
References
Kfir Z, Wool A (2005) Picking virtual pockets using relay attacks on contact—less Smartcard Systems. In: Proceedings of the 1st Int’l Conference on Security and Privacy for Emerging Areas in Comm. Networks (Securecomm 05), IEEE CS Press, 2005, pp 47–58
Rotter P (2008) A Framework for Assessing RFID System Security and Privacy Risks. IEEE Pervasive Comput 7(2):70–77
Avoine G, Carpent X, Hernandez-Castro J (2016) Pitfalls in Ultralightweight Authentication Protocol Designs. IEEE Trans Mobile Comput 15(9):2317–2332
Peris-Lopez P, Hernandez-Castro JC, Estévez-Tapiador JM et al (2006) M2AP: a minimalist mutual-authentication protocol for low-cost RFID tags. In: International Conference on Ubiquitous Intelligence and Computing, pp 912–923
Peris-Lopez P, Hernandez-Castro JC, Estévez-Tapiador JM et al (2006) LMAP: A real lightweight mutual authentication protocol for low-cost RFID tags. In: Proceedings of 2nd Workshop on RFID Security, pp 12–14
Peris-Lopez P, Hernandez-Castro JC, Estevez-Tapiador JM et al (2006) EMAP: an efficient mutual-authentication protocol for low-cost RFID tags. In: OTM Confederated International Conferences” On the Move to Meaningful Internet Systems”, pp 352–361
Chien H-Y (2007) SASI: a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans. Dependab. Secure Comput. 4(4):337–340
Tian Y, Chen G, Li J (2012) A new ultralightweight RFID authentication protocol with permutation. IEEE Commun. Lett. 16(5):702–705
Li T, Deng R (2007) Vulnerability analysis of EMAP-an efficient RFID mutual authentication protocol. In: The Second International Conference on Availability, Reliability and Security (ARES’07), pp. 238–245
Li T, Wang G (2007) Security analysis of two ultra-lightweight RFID authentication protocols. In: IFIP International Information Security Conference, pp 109–120
Ul Ain Q, Mahmood Y (2014) Cryptanalysis of Mutual Ultralightweight Authentication Protocols: SASI & RAPP, In: International Conference on Open Source Systems and Technologies
Tewari A, Gupta BB (2017) Cryptanalysis of a novel ultralightweight mutual authentication protocol for IoT devices using RFID tags. J. Supercomput. 73:1085–1102
Wang K-H, Chen C-M, Fang W, Wu T-Y (2018) On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags. J Supercomput 74:65–70
Khor Jing Huey, Sidorov Michail (2018) Weakness of Ultra-Lightweight Mutual Authentication Protocol for IoT Devices Using RFID Tags. In: 8th International Conference on Information Science and Technology, June 30–6, pp 91–97
Madiha Khalid, Umar Mujahid, Muhammad Najam-ul-Islam (2018) Cryptanalysis of ultralightweight mutual authentication protocol for radio frequency identification enabled Internet of Things networks. Int J Distrib Sensor Netw 14(8):1–9
Huang Shao-Cheng, Tsai Chia-Wei, Hwang Tzonelih (2018) Comment on Cryptanalysis of A Novel Ultralightweight Mutual Authentication Protocol for IoT Devices Using RFID Tags. In: DSIT ’18: Proceedings of the 2018 International Conference on Data Science and Information Technology, pp 23–27
Gong L, Needham RM, Yahalom R (1990) Reasoning about Belief in Cryptographic Protocols. In: IEEE Symposium on Security and Privacy, pp 234–248
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Gao, M., Lu, Y. URAP: a new ultra-lightweight RFID authentication protocol in passive RFID system. J Supercomput 78, 10893–10905 (2022). https://doi.org/10.1007/s11227-021-04252-y
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11227-021-04252-y