On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags

King Hang Wang; Chien Ming Chen; Weicheng Fang; Tsu Yang Wu

doi:10.1007/s11227-017-2105-8

On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags

King Hang Wang
, Chien Ming Chen^*
, Weicheng Fang
, Tsu Yang Wu

^*Corresponding author for this work

Department of Computer Science

Research output: Contribution to journal › Journal article › peer-review

130 Citations (Scopus)

Abstract

Recently, Tewari and Gupta proposed a ultra-lightweight mutual authentication protocol in IoT environments for RFID tags. Their protocol aims to provide secure communication with least cost in both storage and computation. Unfortunately, in this paper, we exploit the vulnerability of this protocol. In this attack, an attacker can obtain the key shared between a back-end database server and a tag. We also explore the possibility in patching the system with some modifications.

Original language	English
Pages (from-to)	65-70
Number of pages	6
Journal	Journal of Supercomputing
Volume	74
Issue number	1
Early online date	30 Jun 2017
DOIs	https://doi.org/10.1007/s11227-017-2105-8
Publication status	Published - Jan 2018

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

SDG 16 Peace, Justice and Strong Institutions

User-Defined Keywords

Cryptanalysis
IoT
Mutual authentication
RFID

Access to Document

10.1007/s11227-017-2105-8

Cite this

@article{730804bc1a43478781c578eb0f9e278f,

title = "On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags",

abstract = "Recently, Tewari and Gupta proposed a ultra-lightweight mutual authentication protocol in IoT environments for RFID tags. Their protocol aims to provide secure communication with least cost in both storage and computation. Unfortunately, in this paper, we exploit the vulnerability of this protocol. In this attack, an attacker can obtain the key shared between a back-end database server and a tag. We also explore the possibility in patching the system with some modifications.",

keywords = "Cryptanalysis, IoT, Mutual authentication, RFID",

author = "Wang, \{King Hang\} and Chen, \{Chien Ming\} and Weicheng Fang and Wu, \{Tsu Yang\}",

note = "Funding was provided by National Natural Science Foundation of China (CN) (Grant No. 61402135) and Shenzhen Technical Project (Grant No. JCYJ20150513151706574). Publisher Copyright: {\textcopyright} 2017, Springer Science+Business Media, LLC.",

year = "2018",

month = jan,

doi = "10.1007/s11227-017-2105-8",

language = "English",

volume = "74",

pages = "65--70",

journal = "Journal of Supercomputing",

issn = "0920-8542",

publisher = "Springer Netherlands",

number = "1",

}

TY - JOUR

T1 - On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags

AU - Wang, King Hang

AU - Chen, Chien Ming

AU - Fang, Weicheng

AU - Wu, Tsu Yang

N1 - Funding was provided by National Natural Science Foundation of China (CN) (Grant No. 61402135) and Shenzhen Technical Project (Grant No. JCYJ20150513151706574). Publisher Copyright: © 2017, Springer Science+Business Media, LLC.

PY - 2018/1

Y1 - 2018/1

N2 - Recently, Tewari and Gupta proposed a ultra-lightweight mutual authentication protocol in IoT environments for RFID tags. Their protocol aims to provide secure communication with least cost in both storage and computation. Unfortunately, in this paper, we exploit the vulnerability of this protocol. In this attack, an attacker can obtain the key shared between a back-end database server and a tag. We also explore the possibility in patching the system with some modifications.

AB - Recently, Tewari and Gupta proposed a ultra-lightweight mutual authentication protocol in IoT environments for RFID tags. Their protocol aims to provide secure communication with least cost in both storage and computation. Unfortunately, in this paper, we exploit the vulnerability of this protocol. In this attack, an attacker can obtain the key shared between a back-end database server and a tag. We also explore the possibility in patching the system with some modifications.

KW - Cryptanalysis

KW - IoT

KW - Mutual authentication

KW - RFID

UR - https://www.scopus.com/pages/publications/85021770834

U2 - 10.1007/s11227-017-2105-8

DO - 10.1007/s11227-017-2105-8

M3 - Journal article

AN - SCOPUS:85021770834

SN - 0920-8542

VL - 74

SP - 65

EP - 70

JO - Journal of Supercomputing

JF - Journal of Supercomputing

IS - 1

ER -

On the security of a new ultra-lightweight authentication protocol in IoT environment for RFID tags

Abstract

UN SDGs

User-Defined Keywords

Access to Document

Other files and links

Fingerprint

Cite this