Weakness of Ultra-Lightweight Mutual Authentication PRotocol for IoT Devices Using RFlD Tags

Internet of Things (IoT) has stimulated great interest in many researchers owing to its capability to connect billions of physical devices to the internet via heterogeneous access network. Security is a paramount aspect of IoT that needs to be addressed urgently to keep sensitive data private. Howev...

Full description

Saved in:
Bibliographic Details
Main Authors: Khor, Jing Huey, Sidorov, Michail
Format: Conference Proceeding
Language:English
Subjects:
Authentication
Internet of Things
IoT
mutual authentication
Protocols
RFID
RFID tags
Servers
Synchronization
Online Access:Request full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Internet of Things (IoT) has stimulated great interest in many researchers owing to its capability to connect billions of physical devices to the internet via heterogeneous access network. Security is a paramount aspect of IoT that needs to be addressed urgently to keep sensitive data private. However, from previous research studies, a number of security flaws in terms of keeping data private can be identified. Tewari and Gupta proposed an ultra-lightweight mutual authentication protocol that utilizes bitwise operation to achieve security in IoT networks that use RFID tags. The protocol is improved by Wang et. al. to prevent a full key disclosure attack. However, this paper shows that both of the protocols are susceptible to full disclosure, man-in-the-middle, tracking, and desynchronization attacks. A detailed security analysis is conducted and results are presented to prove their vulnerability. Based on the aforementioned analysis, the protocol is modified and improved using a three pass mutual authentication. GNY logic is used to formally verify the security of the protocol.
ISSN:2573-3311
DOI:10.1109/ICIST.2018.8426178