Skip to main content
SpringerLink
Log in

On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Recently, Tewari and Gupta proposed a ultra-lightweight mutual authentication protocol in IoT environments for RFID tags. Their protocol aims to provide secure communication with least cost in both storage and computation. Unfortunately, in this paper, we exploit the vulnerability of this protocol. In this attack, an attacker can obtain the key shared between a back-end database server and a tag. We also explore the possibility in patching the system with some modifications.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1

Similar content being viewed by others

References

  1. Atzori L, Iera A, Morabito G (2010) The internet of things: a survey. Comput Netw 54(15):2787–2805

    Article  MATH  Google Scholar 

  2. Chen D, Chang G, Sun D, Li J, Jia J, Wang X (2011) TRM-IoT: a trust management model based on fuzzy reputation for internet of things. Comput Sci Inf Syst 8(4):1207–1228

    Article  Google Scholar 

  3. Chien HY (2007) Sasi: a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans Dependable Secure Comput 4(4):337–340

    Article  Google Scholar 

  4. He D, Zeadally S (2015) An analysis of RFID authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Internet Things J 2(1):72–83

    Article  Google Scholar 

  5. Nguyen KT, Laurent M, Oualha N (2015) Survey on secure communication protocols for the internet of things. Ad Hoc Netw 32:17–31

  6. Peris-Lopez P, Hernandez-Castro J, Estevez-Tapiador J, Ribagorda A (2006) Emap: an efficient mutual-authentication protocol for low-cost RFID tags. In: Meersman R, Tari Z, Herrero P (eds) On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops. Lecture notes in computer science, vol 4277. Springer, Berlin, p 352–361

  7. Peris-Lopez P, Hernandez-Castro JC, Estévez-Tapiador JM, Ribagorda A (2006) Lmap: a real lightweight mutual authentication protocol for low-cost RFID tags. In: Proceedings of the 2nd Workshop on RFID Security

  8. Peris-Lopez P, Hernandez-Castro JC, Estevez-Tapiador JM, Ribagorda A (2006) M2ap: a minimalist mutual-authentication protocol for low-cost RFID tags. In: International Conference on Ubiquitous Intelligence and Computing. Springer, Berlin, pp 912–923

  9. Roman R, Alcaraz C, Lopez J, Sklavos N (2011) Key management systems for sensor networks in the context of the internet of things. Comput Electr Eng 37(2):147–159

    Article  Google Scholar 

  10. Sundmaeker H, Guillemin P, Friess P, Woelfflé S (2010) Vision and challenges for realising the internet of things. Cluster of European Research Projects on the Internet of Things, European Commision

  11. The internet of things (2005) itu international reports. Tech. rep, International Telecommunications Union

  12. Tewari A, Gupta BB (2016) Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags. J Supercomput. doi:10.1007/s11227-016-1849-x

  13. Tian Y, Chen G, Li J (2012) A new ultralightweight RFID authentication protocol with permutation. IEEE Commun Lett 16(5):702–705

    Article  Google Scholar 

Download references

Acknowledgements

Funding was provided by National Natural Science Foundation of China (CN) (Grant No. 61402135) and Shenzhen Technical Project (Grant No. JCYJ20150513151706574).

Author information

Authors and Affiliations

  1. Department of Computer Science and Engineering, Hong Kong University of Science and Technology, Clear Water Bay, Hong Kong

    King-Hang Wang

  2. Harbin Institute of Technology Shenzhen Graduate School, Shenzhen, China

    Chien-Ming Chen & Weicheng Fang

  3. Fujian Provincial Key Laboratory of Big Data Mining and Applications, Fujian University of Technology, Fuzhou, China

    Tsu-Yang Wu

  4. National Demonstration Center for Experimental Electronic Information and Electronic Technology Education, Fujian University of Technology, Fuzhou, China

    Tsu-Yang Wu

Authors
  1. King-Hang Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chien-Ming Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Weicheng Fang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Tsu-Yang Wu
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Chien-Ming Chen.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Wang, KH., Chen, CM., Fang, W. et al. On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags. J Supercomput 74, 65–70 (2018). https://doi.org/10.1007/s11227-017-2105-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-017-2105-8

Keywords

Search

Navigation