Skip to main content
SpringerLink
Log in

Security Analysis of the Qian et al. Protocol: A Revised Tree-LSHB+ Protocol

  • Published:
Wireless Personal Communications Aims and scope Submit manuscript

Abstract

Low-cost radio-frequency identification tags are confronted with various security and privacy issues due to their limits in computational and storage capabilities. Many lightweight authentication protocols have been proposed so far to resist all possible attacks and threats. A revised Tree-LSHB+ protocol was recently proposed by Qian et al. [Wirel Pers Commun 77(4):3125–3141. doi:10.1007/s11277-014-1699-x, 2014] after a security analysis on the original Tree-LSHB+ protocol proposed by Deng et al. [Wirel Pers Commun 72(1):159–174. doi:10.1007/s11277-013-1006-2, 2013]. And it claimed to be secure against secret information disclosure attack. In this paper, we present an active attack against it in a general man-in-the-middle attack where an adversary is capable of eavesdropping, intercepting, manipulating, and blocking the messages transmitted between a legitimate reader and a legitimate tag. The attack is proved to be efficient to disclose all the authentication keys shared between a reader and a tag. Additionally, we introduce another possible active attack which can even retrieve all the secrets in the tree-traversal stage.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Qian, X., Liu, X., Yang, S., & Zuo, C. (2014). Security and privacy analysis of Tree-LSHB+ protocol. Wireless Personal Communications, 77(4), 3125–3141. doi:10.1007/s11277-014-1699-x.

    Article  Google Scholar 

  2. Deng, G., Li, H., Zhang, Y., & Wang, J. (2013). Tree-LSHB+: An LPN-based lightweight mutual authentication RFID protocol. Wireless Personal Communications, 72(1), 159–174. doi:10.1007/s11277-013-1006-2.

    Article  Google Scholar 

  3. Hopper, N. J., & Blum, M. (2000). A secure human–computer authentication scheme. Technical report CMU-CS-00-139, Computer Science Department, Carnegie Mellon University, Paper 148.

  4. Juels, A., & Weis, S. A. (2005). Authenticating pervasive devices with human. Protocols Crypto 2005 LNCS, 3621, 293–308.

    MathSciNet  MATH  Google Scholar 

  5. Gilbert, H., Robshaw, M., & Silbert, H. (2005). An Active attack against HB+—A provably secure lightweight authentication protocol. Cryptology ePrint archive, report 2005/237. http://eprint.iacr.org/2005/237.

  6. BRINGER, J., Chabanne, H., & Dottax, E. (2006). HB++: A lightweight authentication protocol secure against some attacks. Proceedings of the second international workshop on security, privacy and trust in pervasive and ubiquitous computing (SecPerU’06).

  7. Munilla, J., & Peinado, A. (2007). HB-MP: A further step in the HB-family of lightweight authentication protocols. Computer Networks, 51(9), 2262–2267. doi:10.1016/j.comnet.2007.01.011.

    Article  MATH  Google Scholar 

  8. Leng, X., Mayes, K., & Markantonakis, K. (2008). HB-MP+ protocol: An improvement on the HB-MP protocol. IEEE international conference on RFID, 118–124.

  9. Piramuthu, S. (2007). Protocols for RFID tag/reader authentication. Decision Support Systems, 43(3), 897–914. doi:10.1016/j.dss.2007.01.003.

    Article  Google Scholar 

  10. Yoon, B., Sung, M. Y., Yeon, S., Oh, H. S., Kwon, Y., Kim, C., et al. (2009). HB-MP++ protocol: An ultra light-weight authentication protocol for RFID system. IEEE International Conference on RFID, 2009, 186–191.

    Google Scholar 

  11. Lin, Z., & Song, J. S. (2013). An improvement in HB-family lightweight authentication protocols for practical use of RFID system. Journal of Advances in Computer Networks. doi:10.7763/jacn.2013.v1.13.

    Google Scholar 

  12. Gilbert, H., Robshaw, M. J. B., & Seurin, Y. (2008). HB#: Increasing the security and efficiency of HB+. EUROCRYPT, 2008, 361–387.

    MathSciNet  MATH  Google Scholar 

  13. Ouafi, K., Overbeck, R., & Vaudenay, S. (2008). On the security of HB# against a man-in-the-middle attack. ASIACRYPT 2008 LNCS, 5350, 108–124.

    Article  MathSciNet  MATH  Google Scholar 

  14. Bringer, J., & Chabanne, H. (2008). Trusted-HB: A low-cost version of HB+ secure against man-in-the-middle attacks. CoRR, http://arxiv.org/abs/0802.0603v1.

  15. Madhavan, M., Thangaraj, A., Viswanathan, K., & Sankarasubramaniam, Y. (2010). NLHB: A light-weight, provably-secure variant of the HB protocol using simple non-linear functions. Proceedings of IEEE international symposium on information theory (pp. 2498–2502).

  16. Abyaneh, M. R. S. (2010). On the security of non-linear HB (NLHB) protocol against passive attack. Proceedings of IEEE/IFIP international conference on embedded and ubiquitous computing (pp. 523–528).

  17. Ali, S. A., & Hardan, M. (2013). Variants of HB protocols for RFID security. Journal of Engineering Sciences, 41(3), 1151–1174.

    Google Scholar 

  18. Bosley, C., Haralambiev, K., & Nicolosi, A. (2011). HBN: An HB-like protocol secure against man-in-the-middle attacks. Cryptology ePrint archive, report 2011/350.

  19. Hou, F., Yang, C., Liu, J., Zhang, Y., Tian, J., & Zhang, Y. (2012). HB-MAP protocol: A new secure bidirectional light-wight authentication protocol of HB. Ninth IEEE International Conference on e-Business Engineering, 2012, 151–155. doi:10.1109/icebe.2012.33.

    Google Scholar 

  20. Rizomiliotis, P., & Gritzalis, S. (2012). GHB#: A Provably Secure HB-Like Lightweight Authentication Protocol. 10th international conference, ACNS 2012, Singapore, June 2629, 2012. Proceedings (Vol. 7341, pp 489–506). doi:10.1007/978-3-642-31284-7_29.

  21. Li, Z., Gong, G., & Qin, Z. (2013). Secure and efficient LCMQ entity authentication protocol.pdf>. IEEE Transactions on Information Theory, 59(6), 4042–4054.

    Article  MathSciNet  MATH  Google Scholar 

  22. Halevi, T., Saxena, N., & Halevi, S. (2011). Tree-based HB protocols for privacy-preserving authentication of RFID tags. Journal of Computer Security, 19(2), 343–363.

    Article  Google Scholar 

  23. Berlekamp, E. R., McEliece, R. J., & Tilborg, H. C. A. V. (1978). On the inherent intractability of certain coding problems. IEEE Transactions on Information Theory, 24, 384–386.

    Article  MathSciNet  MATH  Google Scholar 

  24. Blum, A., Kalai, A., & Wasserman, H. (2003). Noise-tolerant learning, the parity problem, and the statistical query model. ACM, 50, 506–519.

    MathSciNet  MATH  Google Scholar 

  25. Fossorier, M. P. C., Mihaljević, M. J., Imai, H., Cui, Y., & Matsuura, K. (2006). A novel algorithm for solving the LPN problem and its application to security evaluation of the HB protocol for RFID authentication. Cryptology ePrint Archive, Report 2006/197.

  26. Kirchner, P. (2011). Improved generalized birthday attack. Cryptology ePrint Archive, Report 2011/377. http://eprint.iacr.org/2011/377.

  27. Teixidó, I., Sebé, F., Conde, J., & Solsona, F. (2014). MPI-based implementation of an enhanced algorithm to solve the LPN problem in a memory-constrained environment. Parallel Computing, 40(5–6), 100–112. doi:10.1016/j.parco.2014.04.002.

    Article  Google Scholar 

Download references

Acknowledgements

This work was supported by NFSC (grant No.61628202).

Author information

Authors and Affiliations

  1. School of Computer Science, Beijing University of Posts and Telecommunications, No. 10, Xitucheng Road, Beijing, People’s Republic of China

    Miao Lei, Hui Li, Wenlong Liu & Dongxun Jin

Authors
  1. Miao Lei
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Hui Li
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Wenlong Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Dongxun Jin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Hui Li.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Lei, M., Li, H., Liu, W. et al. Security Analysis of the Qian et al. Protocol: A Revised Tree-LSHB+ Protocol. Wireless Pers Commun 96, 1083–1098 (2017). https://doi.org/10.1007/s11277-017-4225-0

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11277-017-4225-0

Keywords

Search

Navigation