Double verification protocol via secret sharing for low-cost RFID tags

RFID tags have become ubiquitous and cheaper to implement. It is often imperative to design ultralightweight authentication protocols for such tags. Many existing protocols still rely on triangular functions, which have been shown to have security and privacy vulnerabilities. This work proposes UMAP...

Full description

Saved in:
Bibliographic Details
Published in:Future generation computer systems 2019-01, Vol.90, p.118-128
Main Authors: Liu, Y., Ezerman, M.F., Wang, H.
Format: Article
Language:English
Subjects:
Low-cost
Mutual authentication
RFID
Secret sharing
Ultralightweight
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:RFID tags have become ubiquitous and cheaper to implement. It is often imperative to design ultralightweight authentication protocols for such tags. Many existing protocols still rely on triangular functions, which have been shown to have security and privacy vulnerabilities. This work proposes UMAPSS, an ultralightweight mutual-authentication protocol based on Shamir’s(2,n) secret sharing. It includes mechanisms for double verification, session control, mutual authentication, and dynamic update to enhance security and provide a robust privacy protection. The protocol relies only on two simple bitwise operations, namely addition modulo2mand a circular shiftRot(x,y), on the tag’s end. It avoids other, unbalanced, triangular operations. A security analysis shows that the protocol has excellent privacy properties while offering a robust defense against a broad range of typical attacks. It satisfies common security and the low-cost requirements for RFID tags. It is competitive against existing protocol, scoring favourably in terms of computational cost, storage requirement, and communication overhead. •This is an ultralightweight mutual-authentication protocol based on secret sharing.•It has mechanisms for double verification, authentication, and dynamic update.•It offers a robust defense against a broad range of typical attacks.•It is competitive against existing protocol in terms of various costs.
ISSN:0167-739X
1872-7115
DOI:10.1016/j.future.2018.07.004