Skip to main content
SpringerLink
Log in

An improved low-cost yoking proof protocol based on Kazahaya’s flaws

  • Published:
The Journal of Supercomputing Aims and scope Submit manuscript

Abstract

Peris-Lopez et al. (J Netw Comput Appl 34:833–845, 2011) recently provided some guidelines that should be followed to design a secure yoking proof protocol. In addition, conforming to those guidelines and EPC C1-G2, they presented a yoking proof for medical systems based on low-cost RFID tags, named Kazahaya. In this paper, we compromise its security and show how a passive adversary can retrieve secret parameters of a patient’s tag in cost of \(O(2^{16})\) off-line PRNG evaluations. Nevertheless, to show other weaknesses of the protocol and rule out any possible improvement by increasing the length of the used PRNG, we present a forgery attack that proves that a generated proof at time \(t_n\) can be used to forge a valid proof for any desired time \(t_j\). The success probability of this attack is ‘1’ and the complexity is negligible. In addition, we present a new lightweight protocol based on 128-bit PRNG function to solve the problems of Kazahaya protocol. In terms of security, we evaluate the new protocol based on formal and informal methods and prove that the improved protocol is not vulnerable to RFID attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2

Similar content being viewed by others

References

  1. Alamr AA, Kausar F, Kim J, Seo C (2016) A secure ECC-based RFID mutual authentication protocol for internet of things. J Supercomput 2:1–14

    Google Scholar 

  2. Vijaykumar V, Elango S, Ramakrishnan S et al (2017) Implementation of 2 \(n-2\) \(k-1\) modulo adder based RFID mutual authentication protocol. IEEE Trans Ind Electron 65:626–635

    Article  Google Scholar 

  3. Wang K-H, Chen C-M, Fang W, Wu T-Y (2017) On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags. J Supercomput 1:1–6

    Google Scholar 

  4. Juels A (2004) Yoking-proofs for RFID tags. In: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops. IEEE, pp 138–143

  5. Fan K, Ge N, Gong Y, Li H, Su R, Yang Y (2016) An ultra-lightweight RFID authentication scheme for mobile commerce. Peer Peer Netw Appl 10:1–9

    Google Scholar 

  6. Sicari S, Rizzardi A, Grieco LA, Coen-Porisini A (2015) Security, privacy and trust in internet of things: the road ahead. Comput Netw 76:146–164

    Article  Google Scholar 

  7. Li C-T, Weng C-Y, Lee C-C (2015) A secure RFID tag authentication protocol with privacy preserving in telecare medicine information system. J Med Syst 39(8):1–8

    Article  Google Scholar 

  8. Peris-Lopez P, Orfila A, Hernandez-Castro JC, Van der Lubbe JC (2011) Flaws on RFID grouping-proofs. Guidelines for future sound protocols. J Netw Comput Appl 34(3):833–845

    Article  Google Scholar 

  9. Burmester M, De Medeiros B, Motta R (2008) Provably secure grouping-proofs for RFID tags. In: International Conference on Smart Card Research and Advanced Applications. Springer, pp 176–190

  10. Saito J, Sakurai K (2005) Grouping proof for RFID tags. In: 19th International Conference on Advanced Information Networking and Applications (AINA’05) Volume 1 (AINA Papers), vol 2. IEEE, pp 621–624

  11. Lin C-C, Lai Y-C, Tygar J, Yang C-K, Chiang C-L (2007) Coexistence proof using chain of timestamps for multiple RFID tags. In: Advances in Web and Network Technologies, and Information Management. Springer, pp 634–643

  12. Chien H-Y, Liu S-B (2009) Tree-based RFID yoking proof. In: International Conference on Networks Security, Wireless Communications and Trusted Computing, NSWCTC’09, vol 1. IEEE, pp 550–553

  13. Huang H-H, Ku C-Y (2009) A RFID grouping proof protocol for medication safety of inpatient. J Med Syst 33(6):467–474

    Article  Google Scholar 

  14. Chien H-Y, Yang C-C, Wu T-C, Lee C-F (2011) Two RFID-based solutions to enhance inpatient medication safety. J Med Syst 35(3):369–375

    Article  Google Scholar 

  15. Lee H, Hong D (2006) The tag authentication scheme using self-shrinking generator on RFID system. Trans Eng Comput Technol 18:52–57

    Google Scholar 

  16. Sundaresan S, Doss R, Piramuthu S, Zhou W (2014) A robust grouping proof protocol for RFID EPC C1G2 tags. IEEE Trans Inf Forensics Secur 9(6):961–975

    Article  Google Scholar 

  17. Yuan B, Liu J (2016) A universally composable secure grouping-proof protocol for RFID tags. Concurr Comput Pract Exp 28:1872–1883

    Article  Google Scholar 

  18. Huang P, Mu H, Zhang C (2014) A new lightweight RFID grouping proof protocol. In: Huang Y-M, Chao HC, Deng DJ, Park J (eds) Advanced technologies, embedded and multimedia for human-centric computing. Springer, Berlin, pp 869–876

  19. Hsi C-T, Lien Y-H, Chiu J-H, Chang HK-C (2015) Solving scalability problems on secure RFID grouping-proof protocol. Wirel Pers Commun 84(2):1069–1088

    Article  Google Scholar 

  20. Wu S, Chen K, Zhu Y (2012) A secure lightweight RFID binding proof protocol for medication errors and patient safety. J Med Syst 36(5):2743–2749

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Computer Engineering, Science and Research Branch, Islamic Azad University, Tehran, Iran

    Mojtaba Eslamnezhad Namin

  2. Electrical Engineering Department, Shahid Rajaee Teacher Training University, Tehran, Iran

    Nasour Bagheri

  3. Computer Engineering Department, Shahid Rajaee Teacher Training University, Tehran, Iran

    Masoumeh Safkhani

  4. Department of Computer Engineering, Ahvaz Branch, Islamic Azad University, Ahvaz, Iran

    Samad Rostampour

Authors
  1. Nasour Bagheri
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Masoumeh Safkhani
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mojtaba Eslamnezhad Namin
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Samad Rostampour
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mojtaba Eslamnezhad Namin.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Bagheri, N., Safkhani, M., Namin, M.E. et al. An improved low-cost yoking proof protocol based on Kazahaya’s flaws. J Supercomput 74, 1934–1948 (2018). https://doi.org/10.1007/s11227-017-2200-x

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11227-017-2200-x

Keywords

Search

Navigation