
Revisiting the Security of Qian et al.’s Revised Tree-\(\hbox {LSHB}^+\) Protocol

Published in: Wireless Personal Communications

A Correction to this article was published on 13 December 2019


Abstract

Due to the limited computation and memory capabilities of identification tags, RFID systems are susceptible to various attacks. In 2014, Qian et al. proposed a lightweight mutual authentication RFID protocol that supports key update and claimed it to be secure against several known attacks. In this paper, however, we show that their protocol cannot resist a key recovery attack, in which an adversary, after interacting with the tag several times, recovers the authentication keys of the system in polynomial time with non-negligible probability. Additionally, we prove that their protocol provides neither strong backward security nor strong forward security: an adversary who has compromised some consecutive authentication keys can successfully recover all future authentication keys and some of the previous authentication keys, which completely breaks the security of the authentication protocol. We then propose a new protocol that provides key recovery resilience, both strong backward security and strong forward security, and resistance against various known types of attacks.


Change history

  • 13 December 2019

    The authors' second affiliation was missing in the original article.


Notes

  1. To guarantee the security strength of the key update, we assume \(K_1^i \ne O\) for any i, otherwise the authentication key would be zero after updating i times. Thus there are at least two non-zero elements in \(\overrightarrow{\lambda }\).

  2. Clearly, this theorem is only meaningful when \(i \ge j+2\).

  3. The matrix \(K_{1_{(k_x \times k_x)}}\) used in Eq. (11) to update \(\overrightarrow{key_{x}}\) is a sub-matrix of \(K_{2_{(k_y \times k_y)}}\), since \(k_x < k_y\) according to Table 1. Hence the leakage of \(K_2\) implies the leakage of \(K_1\), which in turn leads to the leakage of all subsequent \(\overrightarrow{key_{x}}\) given the consecutive leaked keys {\(\overrightarrow{key_{x}},\overrightarrow{key_{y}}\)}.

References

  1. Hopper, N. J., & Blum, M. (2001). Secure human identification protocols. In Cryptology-ASIACRYPT 2001, Lecture Notes in Computer Science (Vol. 2248, pp. 52–66).

  2. Juels, A., & Weis, S. (2005). Authenticating pervasive devices with human protocols. In Cryptology-ASIACRYPT 2005, Lecture Notes in Computer Science (Vol. 3621, pp. 293–308).

  3. Gilbert, H., Robshaw, M., & Sibert, H. (2005). An active attack against \({\rm HB}^+\): A provably secure lightweight authentication protocol. Cryptology ePrint Archive, report 2005/237. http://eprint.iacr.org. Accessed 14 Feb 2019.

  4. Bringer, J., Chabanne, H., & Dottax, E. (2006). \({\rm HB}^{++}\): A lightweight authentication protocol secure against some attacks. In Proceedings of the second international workshop on security, privacy and trust in pervasive and ubiquitous computing (SecPerU06) (pp. 28–33).

  5. Duc, D. N., & Kim, K. (2007). Securing \({\rm HB}^+\) against GRS man-in-the-middle attack. In Institute of Electronics, Information and Communication Engineers, Symposium on Cryptography and Information Security, Jan 23–26 2007.

  6. Munilla, J., & Peinado, A. (2007). HB-MP: A further step in the HB-family of lightweight authentication protocols. Computer Networks, 51(9), 2262–2267.

  7. Leng, X., Mayes, K., & Markantonakis, K. (2008). HB-\({\rm MP}^{+}\) protocol: An improvement on the HB-MP protocol. In IEEE international conference on RFID, Apr 16–17 2008 (pp. 118–124).

  8. Gilbert, H., Robshaw, M. J., & Seurin, Y. (2008). Good variants of \({\rm HB}^{+}\) are hard to find. In Financial Cryptography and Data Security 2008, Lecture Notes in Computer Science (Vol. 5143, pp. 156–170).

  9. Gilbert, H., Robshaw, M., & Seurin, Y. (2008). \({\rm HB}^{\#}\): Increasing the security and efficiency of \({\rm HB^+}\). In Cryptology-EUROCRYPT 2008, Lecture Notes in Computer Science (Vol. 4965, pp. 361–387).

  10. Ouafi, K., Overbeck, R., & Vaudenay, S. (2008). On the security of \({\rm HB}^{\#}\) against a man-in-the-middle attack. In Cryptology-ASIACRYPT 2008, Lecture Notes in Computer Science (Vol. 5350, pp. 108–124).

  11. Bosley, C., Haralambiev, K., & Nicolosi, A. (2011). HBN: An HB-like protocol secure against man-in-the-middle attacks. Cryptology ePrint Archive, report 2011/350. http://eprint.iacr.org. Accessed 14 Feb 2019.

  12. Rizomiliotis, P., & Gritzalis, S. (2012). \(\text{GHB}^{\#}\): A provably secure HB-like lightweight authentication protocol. In ACNS 2012, Lecture Notes in Computer Science (Vol. 7341, pp. 489–506).

  13. Aseeri, A., & Bamasag, O. (2016). Achieving protection against man-in-the-middle attack in HB family protocols implemented in RFID tags. International Journal of Pervasive Computing and Communications, 12(3), 375–390.

  14. Li, Z., Gong, G., & Qin, Z. (2013). Secure and efficient LCMQ entity authentication protocol. IEEE Transactions on Information Theory, 59(6), 4042–4054.

  15. Molnar, D., & Wagner, D. (2004). Privacy and security in library RFID: Issues, practices, and architectures. In ACM CCS 2004 (pp. 210–219).

  16. Halevi, T., Saxena, N., & Halevi, S. (2011). Tree-based HB protocols for privacy-preserving authentication of RFID tags. Journal of Computer Security, 19(2), 343–363.

  17. Deng, G., Li, H., Zhang, Y., & Wang, J. (2013). Tree-LS\({\rm HB}^{+}\): An LPN-based lightweight mutual authentication RFID protocol. Wireless Personal Communications, 72(1), 159–174.

  18. Qian, X., Liu, X., Yang, S., & Zuo, C. (2014). Security and privacy analysis of Tree-LS\({\rm HB}^+\) protocol. Wireless Personal Communications, 77(4), 3125–3141.

  19. Lei, M., Li, H., Liu, W., & Jin, D. (2017). Security analysis of the Qian et al. protocol: A revised Tree-LS\({\rm HB}^+\) protocol. Wireless Personal Communications, 96(1), 1083–1098.

  20. Berlekamp, E. R., McEliece, R. J., & van Tilborg, H. (1978). On the inherent intractability of certain coding problems. IEEE Transactions on Information Theory, 24(3), 384–386.

  21. Blum, A., Kalai, A., & Wasserman, H. (2003). Noise-tolerant learning, the parity problem, and the statistical query model. Journal of the ACM, 50(4), 506–519.

  22. Zhang, B., Jiao, L., & Wang, M. (2016). Faster algorithms for solving LPN. In Cryptology-EUROCRYPT 2016, Lecture Notes in Computer Science (Vol. 9665, pp. 168–195).

  23. Krawczyk, H. (1994). LFSR-based hashing and authentication. In Cryptology-CRYPTO 1994, Lecture Notes in Computer Science (Vol. 839, pp. 129–139).

  24. Krawczyk, H. (1995). New hash functions for message authentication. In Cryptology-CRYPTO 1995, Lecture Notes in Computer Science (Vol. 921, pp. 301–310).


Acknowledgements

This work was supported by the National Key Research and Development Program of China (2017YFB0802500) and National Natural Science Foundation of China (61572485, U1536205).

Author information

Corresponding author

Correspondence to Xinyu Li.


Cite this article

Li, X., Xu, J. & Zhang, Z. Revisiting the Security of Qian et al.’s Revised Tree-\(\hbox {LSHB}^+\) Protocol. Wireless Pers Commun 106, 321–343 (2019). https://doi.org/10.1007/s11277-019-06164-w
