Weakness of ultra-lightweight mutual authentication protocol for IoT devices using RFlD tags
Weakness of ultra-lightweight mutual authentication protocol for IoT devices using RFlD tags
Internet of Things (IoT) has stimulated great interest in many researchers owing to its capability to connect billions of physical devices to the internet via heterogeneous access network. Security is a paramount aspect of IoT that needs to be addressed urgently to keep sensitive data private. However, from previous research studies, a number of security flaws in terms of keeping data private can be identified. Tewari and Gupta proposed an ultra-lightweight mutual authentication pRotocol that utilizes bitwise operation to achieve security in IoT networks that use RFID tags. The pRotocol is improved by Wang et. al. to prevent a full key disclosure attack. However, this paper shows that both of the pRotocols are susceptible to full disclosure, man-in-the-middle, tracking, and de-synchronization attacks. A detailed security analysis is conducted and results are presented to prove their vulnerability. Based on the aforementioned analysis, the pRotocol is modified and improved using a three pass mutual authentication. GNY logic is used to formally verify the security of the pRotocol.
IoT, mutual authentication, RFID
91-97
Khor, Jing Huey
45840b0e-4bd3-4f49-8a97-fc00d3ad683e
Sidorov, Michail
0a2501d4-8a93-4715-aa5e-3c5354761645
6 August 2018
Khor, Jing Huey
45840b0e-4bd3-4f49-8a97-fc00d3ad683e
Sidorov, Michail
0a2501d4-8a93-4715-aa5e-3c5354761645
Khor, Jing Huey and Sidorov, Michail
(2018)
Weakness of ultra-lightweight mutual authentication protocol for IoT devices using RFlD tags.
In 8th International Conference on Information Science and Technology, ICIST 2018.
IEEE.
.
(doi:10.1109/ICIST.2018.8426178).
Record type:
Conference or Workshop Item
(Paper)
Abstract
Internet of Things (IoT) has stimulated great interest in many researchers owing to its capability to connect billions of physical devices to the internet via heterogeneous access network. Security is a paramount aspect of IoT that needs to be addressed urgently to keep sensitive data private. However, from previous research studies, a number of security flaws in terms of keeping data private can be identified. Tewari and Gupta proposed an ultra-lightweight mutual authentication pRotocol that utilizes bitwise operation to achieve security in IoT networks that use RFID tags. The pRotocol is improved by Wang et. al. to prevent a full key disclosure attack. However, this paper shows that both of the pRotocols are susceptible to full disclosure, man-in-the-middle, tracking, and de-synchronization attacks. A detailed security analysis is conducted and results are presented to prove their vulnerability. Based on the aforementioned analysis, the pRotocol is modified and improved using a three pass mutual authentication. GNY logic is used to formally verify the security of the pRotocol.
This record has no associated files available for download.
More information
e-pub ahead of print date: 30 June 2018
Published date: 6 August 2018
Venue - Dates:
8th International Conference on Information Science and Technology, ICIST 2018, , Cordoba, Granada, and Seville, Spain, 2018-06-30 - 2018-07-06
Keywords:
IoT, mutual authentication, RFID
Identifiers
Local EPrints ID: 424932
URI: http://eprints.soton.ac.uk/id/eprint/424932
PURE UUID: 64438469-ae02-4e27-9747-2fa2d8f29873
Catalogue record
Date deposited: 05 Oct 2018 16:30
Last modified: 15 Mar 2024 21:39
Export record
Altmetrics
Contributors
Author:
Jing Huey Khor
Author:
Michail Sidorov
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics