Skip to main content
SpringerLink
Log in

An Ultra-Lightweight Mutual Authentication Protocol Based on LPN Problem with Distance Fraud Resistant

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

RFID tags are one of the main enablers of the internet of things. All objects have to be equipped with an electronic product code such as RFID tags. Because of minimizing the price, RFID environments are resource-scarce, then designing ultra-lightweight authentication protocols is of great importance. Many ultra-lightweight authentication protocols such as HB family protocols are proposed. One of the most important threats against HB family protocols is a type of man-in-the-middle attack called GRS. Also, in the real world, IoT requires mutual authentication that traditional HB protocols do not support it. Besides, misconceptions about reader-tag distance could create problems in several applications especially in contactless systems such as access control and electronic payment systems, which could be damaged by distance-based frauds. In the present work, we have proposed a novel distance bounding protocol based on HB family protocols with four major characteristics: (1) it can resist terrorist, mafia, and distance fraud attacks; (2) it is a lightweight mutual authentication protocol capable of being used in low-cost IoT equipment such as NFC and RFID; (3) it employs a hard problem that be post-quantum resistant, and (4) it identifies and solves the weaknesses of HB protocols including GRS attacks. The proposed protocol has also been shown to be able to address the known weaknesses and attacks in distance frauds and HB family protocols.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6

Similar content being viewed by others

References

  1. He, L., Gan, Y., Li, N.-N., & Zhang, T. (2008). An improved HB ++ protocol against man-in-middle attack in RFID system. In 2008 4th international conference on wireless communications, networking and mobile computing (pp. 1–4).

  2. Bogos, S., & Vaudenay, S. (2016). Optimization of LPN solving algorithms. In International conference on the theory and application of cryptology and information security (pp. 703–728).

  3. Bogos, S. M. (2017). LPN in cryptography: An algorithmic study. Ecole Polytechnique Fédérale de Lausanne.

  4. Brakerski, Z., Lyubashevsky, V., Vaikuntanathan, V., & Wichs, D. (2019). Worst-case hardness for LPN and cryptographic hashing via code smoothing. In Annual international conference on the theory and applications of cryptographic techniques (pp. 619–635).

  5. Hopper, N. J., & Blum, M. (2000). A secure human–computer authentication scheme. Carnegie-Mellon Univ Pittsburgh Pa School Of Computer Science.

  6. Kitsos, P. (2016). Security in RFID and sensor networks. Boca Raton: CRC Press.

    Book  Google Scholar 

  7. Gilbert, H., Robshaw, M., & Sibert, H. (2005). Active attack against HB/sup + : a provably secure lightweight authentication protocol. Electronics Letters, 41, 1169–1170.

    Article  Google Scholar 

  8. Avoine, G., Bultel, X., Gambs, S., Gerault, D., Lafourcade, P., Onete, C., et al. (2017). A terrorist-fraud resistant and extractor-free anonymous distance-bounding protocol. In: Proceedings of the 2017 ACM on Asia conference on computer and communications security (pp. 800–814).

  9. Boureanu, I., Mitrokotsa, A., & Vaudenay, S. (2015). Practical and provably secure distance-bounding. Journal of Computer Security, 23, 229–257.

    Article  Google Scholar 

  10. Karrothu, A., Scholar, R., & Norman, J. (2017). An analysis of LPN based HB protocols. In 2016 eighth international conference on advanced computing (ICoAC) (pp. 138–145).

  11. Juels, A., & Weis, S. A. (2005). Authenticating pervasive devices with human protocols. In Annual international cryptology conference (pp. 293–308).

  12. Bringer, J., Chabanne, H., & Dottax, E. (2006). HB^ + ^+: a lightweight authentication protocol secure against some attacks. In Second international workshop on security, privacy and trust in pervasive and ubiquitous computing (SecPerU’06) (pp. 28–33).

  13. Hammouri, G., Sunar, B. (2008). PUF-HB: a tamper-resilient HB based authentication protocol. In International conference on applied cryptography and network security (pp. 346–365).

  14. Munilla, J., & Peinado, A. (2007). HB-MP: a further step in the HB-family of lightweight authentication protocols. Computer Networks, 51, 2262–2267.

    Article  Google Scholar 

  15. Leng, X., Mayes, K., & Markantonakis, K. (2008). HB-MP + protocol: An improvement on the HB-MP protocol. In 2008 IEEE international conference on RFID (pp. 118–124).

  16. Gilbert, H., Robshaw, M., & Seurin, Y. (2008). HB#: Increasing the security and efficiency of HB + . In Proceedings of international conference the theory and applications of cryptographic techniques advances in cryptology (EUROCRYPT)

  17. Ouafi, K., Overbeck, R., & Vaudenay, S.: On the security of HB# against a man-in-the-middle attack. In International conference on the theory and application of cryptology and information security (pp. 108–124).

  18. Yoon, B., Sung, M. Y., Yeon, S., Oh, H. S., Kwon, Y., et al. (2009). HB-MP ++ protocol: an ultra light-weight authentication protocol for RFID system. In 2009 IEEE international conference on RFID (pp. 186–191).

  19. Madhavan, M., Thangaraj, A., Viswanathan, K., & Sankarasubramaniam, Y. (2010). NLHB: a light-weight, provably-secure variant of the HB protocol using simple non-linear functions. In 2010 national conference on communications (NCC) (pp. 1–5).

  20. S. A. Ali, R. M. Mohamed, and M. H. Fahim, “RCHB: Light-weight, provably-secure variants of the HB protocol using rotation and complementation,” in 2011 5th International Conference on Network and System Security, 2011, pp. 244-248.

  21. K. A. Khoureich, “Light-hHB: A new version of hHB with improved session key exchange,” Cryptology ePrint Archive, Report 2015/713, 2015.

  22. Lin, Z., & Song, J. S. (2013). An improvement in HB-family lightweight authentication protocols for practical use of RFID system. Journal of Advances in Computer Networks, 1, 61–65.

    Article  Google Scholar 

  23. Kiltz, E., Pietrzak, K., Cash, D., Jain, A., & Venturi, D., (2011). Efficient authentication from hard learning problems. In Annual international conference on the theory and applications of cryptographic techniques (pp. 7–26).

  24. Brands, S., & Chaum, D. (1993). Distance-bounding protocols. In Workshop on the theory and application of of cryptographic techniques (pp. 344–359).

  25. Brelurut, A., Gerault, D., & Lafourcade, P. (2015). Survey of distance bounding protocols and threats. In International symposium on foundations and practice of security (pp. 29–49).

  26. Ahmadi, A., Safavi-Naini, R. (2014). Privacy-preserving distance-bounding proof-of-knowledge. In International conference on information and communications security (pp. 74–88).

  27. Bussard, L., & Bagga, W. (2005). Distance-bounding proof of knowledge to avoid real-time attacks. In IFIP international information security conference (pp. 223–238).

  28. Munilla, J., Ortiz, A., & Peinado, A. (2006). Distance bounding protocols with void-challenges for RFID. In Printed handout at the workshop on RFID securityRFIDSec.

  29. Kim, C. H. & Avoine, G.: RFID distance bounding protocol with mixed challenges to prevent relay attacks. In International conference on cryptology and network security (pp. 119–133)

  30. Pagnin, E., Yang, A., Hu, Q., Hancke, G., & Mitrokotsa, A. (2018). HB + DB: Distance bounding meets human based authentication. Future Generation Computer Systems, 80, 627–639.

    Article  Google Scholar 

  31. Desmedt, Y. (1988). Major security problems with the ‘unforgeable’(Feige)-Fiat-Shamir proofs of identity and how to overcome them. In Proceedings of SECURICOM (pp. 15–17).

  32. Fischlin, M., & Onete, C. (2013). Terrorism in distance bounding: modeling terrorist-fraud resistance. In International conference on applied cryptography and network security (pp 414–431).

  33. Levieil, É., & Fouque, P.-A. (2006). An improved LPN algorithm. In International conference on security and cryptography for networks (pp. 348–359).

Download references

Funding

Funding

None.

Author information

Authors and Affiliations

  1. Department of Computer Engineering, Urmia University, Urmia, Iran

    Kazem Mirzadi & Jamshid B. Mohasefi

Authors
  1. Kazem Mirzadi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jamshid B. Mohasefi
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kazem Mirzadi.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Ethical approval

This article does not contain any studies with human participants or animals performed by any of the authors.

Informed consent

None.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Mirzadi, K., Mohasefi, J.B. An Ultra-Lightweight Mutual Authentication Protocol Based on LPN Problem with Distance Fraud Resistant. Wireless Pers Commun 117, 2225–2251 (2021). https://doi.org/10.1007/s11277-020-07969-w

Download citation

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-020-07969-w

Keywords

Search

Navigation