Skip to main content
SpringerLink
Log in

Security and Privacy Analysis of Tree-LSHB+ Protocol

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Because of the limited capacity of tags in computation and storage, Radio Frequency Identification (RFID) systems have various security problems. By eavesdropping, intercepting or modifying the messages transmitted between the tag and the reader, a RFID system is vulnerable to various attacks. In this paper, we analyze a new lightweight authentication protocol, named as Tree-LSHB+, which is one of the protocols in HB family. Then we prove that the Tree-LSHB+ protocol is vulnerable to secret information disclosure attack, traceability attack, and desynchronization attack. At last, a revised protocol of Tree-LSHB+ which can resist the aforementioned three attacks is proposed.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3

Similar content being viewed by others

References

  1. Cho, J. S., & Park, J. J. (2012). High attack cost: Hash based RFID tag mutual authentication protocol. In 3rd international conference on computer science and its applications, lecture notes in electrical engineering (Vol. 114, pp. 113–120).

  2. Hernandez-Castro, J. C., Peris-Lopez, P., Safkhani, M., Bagheri, N., & Naderi, M. (2012). Another fallen hash-based RFID authentication protocol. In WISTP 2012, lecture notes in computer science (Vol. 7322, pp. 29–37).

  3. Zhou, S., Zhang, Z., Luo, Z., & Wong, E. C. (2010). A lightweight anti-desynchronization RFID authentication protocol. Information Systems Frontiers, 12(5), 521–528.

    Article  Google Scholar 

  4. Quafi, K., Overbock, R., & Vaudenay S. (2008). On the security of HB# against a man-in-the-middle attack. In Proceedings of 14th international conference on the theory and application of cryptology and information security, 2010 (Vol. 5350, pp. 108–124).

  5. Deng, G., Li, H., Zhang, Y., & Wang, J. (2013). Tree-LSHB+: An LPN-based lightweight mutual authentication RFID protocol. Wireless Personal Communications, 72(1), 159–174.

    Google Scholar 

  6. Hopper, N. J., & Blum, M. (2001). Secure human identification protocols. In Cryptology–ASIACRYPT 2001, lecture notes in computer science (Vol. 2248, pp. 52–66).

  7. Juels, A., & Weis, S. (2005). Authenticating pervasive devices with human protocols. In Cryptology–crypto 2005, lecture notes in computer science (Vol. 3621, pp. 293–308).

  8. Gilbert, H., Robshaw, M., & Silbert, H. (2005). An active attack against HB+-a provable secure light-weighted authentication protocol. Cryptology ePrint archive, report 2005/237. http://eprint.iacr.org.

  9. Piramuthu, S. (2007). Protocols for RFID tag/reader authentication. Decision Support Systems, 43(3), 897–914.

    Article  Google Scholar 

  10. Munilla, J., & Peinado, A. (2007). HP-MP: A further step in the HB-family of lightweight authentication protocols. Computer Networks, 51(9), 2262–2267.

    Article  MATH  Google Scholar 

  11. Leng, X., Mayes, K., & Markantonakis, K. (2008). HB-MP+ protocol: An improvement on the HB-MP protocol. In IEEE international conference on RFID (pp. 118–124), Apr 16–17 2008.

  12. Yoon, B., Sung, M. Y., Yeon, S., Oh, H. S., Kwon, Y., Kim, C., et al. (2009). HB- MP++ protocol: An ultra light-weight authentication protocol for RFID system. In IEEE international conference on RFID (pp. 186–191), Apr 27–28 2009.

  13. Gilbert, H., Robshaw, M., & Seurin, Y. (2008). HB#: Increasing the security and efficiency of HB+. In EUROCRYPT 2008 (pp. 361–387).

  14. Madhavan, M., Thangaraj, A., Sankarasubramanian, Y., & Viswanathan, K. (2010). NLHB: A non-linear hopper-blum protocol. In Proceedings of IEEE international symposium on information theory, 2010 (pp. 2498–2502).

  15. Abyaneh, M. R. S. (2010). On the security of non-linear HB (NLHB) protocol against passive attack. In Proceedings of IEEE/IFIP international conference on embedded and ubiquitous computing, 2010 (pp. 523–528).

  16. Bosley, C., Haralambiev, K., & Nicolosi, A. (2011). HBN: An HB-like protocol secure against man-in-the-middle attacks. Cryptology ePrint archive, report 2011/350.

  17. Ali, S. A., Mohamed, R. M., & Fahim, M. H. (2011). RCHB: Light-weight, provably-secure variants of the HB protocol using rotation and complementation. In Proceedings of 5th international conference on network and system security, 2011 (pp. 244–248).

  18. Cao, X., & O’Neill, M. (2011). F-HB: An efficient forward private protocol. In Proceedings of workshop on lightweight security and privacy: Devices, protocols, and applications, 2011 (pp. 53–60).

  19. Mamun, M. S. I., Miyaji, A., & Rahman, M. S. (2012). A secure and private RFID authentication protocol under SLPN problem. In Network and system security—6th international conference, 2012, lecture notes in computer science (Vol. 7645, pp. 476–489).

  20. Heyse, S., Kiltz, E., Lyubashevsky, V., Lyubashevsky, C. & Pietrzak, K. (2012). Lapin: An efficient authentication protocol based on ring-LPN. In Fast software encryption—19th international workshop, 2012, lecture notes in computer science (Vol. 7549, pp. 346–365).

  21. Hou, F., Yang, C., Liu, J., Zhang, Y., Tian, J. & Zhang, Y. (2012). HB-MAP protocol: A new secure bidirectional light-wight authentication protocol of HB. In Proceedings of 9th IEEE international conference on E-business engineering, 2012 (pp. 151–155).

  22. Rizomiliotis, P., & Gritzalis, S. (2012). GHB#: A provably secure HB-like lightweight authentication protocol. In Applied cryptography and network security-10th international conference, lecture notes in computer science (Vol. 7341, pp. 489–506).

  23. Li, Z., Gong, G., & Qin, Z. (2013). Secure and efficient LCMQ entity authentication protocol. IEEE Transactions on Information Theory, 59(6), 4042–4054.

    Article  MathSciNet  Google Scholar 

  24. Aumasson, J., Henzen, L., Meier, W., & Naya-Plasencia, M. (2010). Quark: A lightweight hash. In Cryptographic hardware and embedded systems—12th international workshop, lecture notes in computer science (Vol. 6225, pp. 1–15).

  25. Wei, C., Hwang, M., & Chin, A. Y. (2011). A mutual authentication protocol for RFID. IT Professional, 13(2), 20–24.

    Article  Google Scholar 

  26. Cho, J., Yeo, S., & Kim, S. K. (2011). Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value. Computer Communications, 34(3), 391–397.

    Article  Google Scholar 

  27. Trujillo-Rasua, R., & Solanas, A. (2011). Efficient probabilistic communication protocol for the private identification of RFID tags by means of collaborative readers. Computer Networks, 55(15), 3211–3223.

    Article  Google Scholar 

  28. Sun, D., & Zhong, J. (2012). A hash-based RFID security protocol for strong privacy protection. IEEE Transactions on Consumer Electronics, 58(4), 1246–1252.

    Article  MathSciNet  Google Scholar 

  29. Li, S., Yang, X., & Liang, P. (2013). A new hash-based authentication protocol for RFID using varying identifiers. Applied Mechanics and Materials, 306, 2112–2116.

    Article  Google Scholar 

  30. Halevi, T., Saxena, N., & Halevi, S. (2011). Tree-based HB protocols for privacy-preserving authentication of RFID tags. Journal of Computer Security, 19(2), 343–363.

    Google Scholar 

  31. Berlekamp, E. R., McEliece, R. J., & Tilborg, V. (1978). On the inherent intractability of certain coding problems. IEEE Transactions on Information Theory, 24, 384–386.

    Article  MATH  Google Scholar 

Download references

Acknowledgments

This work was supported by the National Nature Science Foundation of China (No. 71231004 and No. 71131002).

Author information

Authors and Affiliations

  1. School of Management, Hefei University of Technology, No.193, Tunxi Road, Hefei, People’s Republic of China

    Xiaofei Qian, Xinbao Liu & Shanlin Yang

  2. Department of Business, Hefei University of Technology, No.193, Tunxi Road, Hefei, People’s Republic of China

    Chao Zuo

Authors
  1. Xiaofei Qian
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Xinbao Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Shanlin Yang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chao Zuo
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Xiaofei Qian.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Qian, X., Liu, X., Yang, S. et al. Security and Privacy Analysis of Tree-LSHB+ Protocol. Wireless Pers Commun 77, 3125–3141 (2014). https://doi.org/10.1007/s11277-014-1699-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-014-1699-x

Keywords

Search

Navigation