Please use this identifier to cite or link to this item: http://hdl.handle.net/20.500.12323/4850
Title: A New Strong Adversary Model for RFID Authentication Protocols
Authors: Hosseinzadeh, Mehdi
Lansky, Jan
Rahmani, Amir Masoud
Trinh, Cuong
Safkhani, Masoumeh
Bagheri, Nasour
Huynh, Bao
Keywords: Adversary model
IoT
RFID
authentication
security analysis
scyther tool
GNY logic
Issue Date: 20-Jul-2020
Publisher: IEEE
Citation: IEEE Journal of Quantum Electronics
Series/Report no.: Vol. 8;
Abstract: Radio Frequency Identification (RFID) systems represent a key technology for ubiquitous computing and for the deployment of the Internet of Things (IoT). In RFID technology, authentication protocols are often necessary in order to confirm the identity of the parties involved (i.e. RFID readers, RFID tags and/or database servers). In this article, we analyze the security of a mutual authentication protocol proposed by Wang and Ma. Our security analysis clearly shows major security pitfalls in this protocol. Firstly, we show two approaches that an adversary may use to mislead an honest reader into thinking that it is communicating with a legitimate database. Secondly, we show how an adversary that has compromised some tags can impersonate an RFID reader to a legitimate database. Furthermore, we present a new adversary model, which pays heed on cases missed by previous proposals. In contrast to previous models where the communication between an RFID reader and a back-end server is through a secure channel, our model facilitates the security analysis of more general schemes where this communication channel (RFID reader-to-server) is insecure. This model determines whether the compromise of RFID tags has any impact on the security of the readerto-server communication or vice versa. In a secure protocol, the possible compromise of RFID tags should not affect the RFID reader-server communication. In this paper, we show that compromising of RFID tags in Wang and Ma protocol has a direct impact on the reader-server security. Finally, we propose a new authentication protocol that offers an adequate security level and is resistant against the mentioned security risks. The security proofs of the proposed protocol are supported with Gong-Needham-Yahalom (GNY) logic and Scyther tool, which are formal methods to evaluate the security of a cryptographic protocol.
URI: http://hdl.handle.net/20.500.12323/4850
Appears in Collections:Publication

Files in This Item:
File Description SizeFormat 
A New Strong Adversary Model for RFID Authentication Protocols.pdf1.62 MBAdobe PDFView/Open


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.