The University of Southampton
University of Southampton Institutional Repository

Weakness of ultra-lightweight mutual authentication protocol for IoT devices using RFlD tags

Weakness of ultra-lightweight mutual authentication protocol for IoT devices using RFlD tags
Weakness of ultra-lightweight mutual authentication protocol for IoT devices using RFlD tags

Internet of Things (IoT) has stimulated great interest in many researchers owing to its capability to connect billions of physical devices to the internet via heterogeneous access network. Security is a paramount aspect of IoT that needs to be addressed urgently to keep sensitive data private. However, from previous research studies, a number of security flaws in terms of keeping data private can be identified. Tewari and Gupta proposed an ultra-lightweight mutual authentication pRotocol that utilizes bitwise operation to achieve security in IoT networks that use RFID tags. The pRotocol is improved by Wang et. al. to prevent a full key disclosure attack. However, this paper shows that both of the pRotocols are susceptible to full disclosure, man-in-the-middle, tracking, and de-synchronization attacks. A detailed security analysis is conducted and results are presented to prove their vulnerability. Based on the aforementioned analysis, the pRotocol is modified and improved using a three pass mutual authentication. GNY logic is used to formally verify the security of the pRotocol.

IoT, mutual authentication, RFID
91-97
IEEE
Khor, Jing Huey
45840b0e-4bd3-4f49-8a97-fc00d3ad683e
Sidorov, Michail
0a2501d4-8a93-4715-aa5e-3c5354761645
Khor, Jing Huey
45840b0e-4bd3-4f49-8a97-fc00d3ad683e
Sidorov, Michail
0a2501d4-8a93-4715-aa5e-3c5354761645

Khor, Jing Huey and Sidorov, Michail (2018) Weakness of ultra-lightweight mutual authentication protocol for IoT devices using RFlD tags. In 8th International Conference on Information Science and Technology, ICIST 2018. IEEE. pp. 91-97 . (doi:10.1109/ICIST.2018.8426178).

Record type: Conference or Workshop Item (Paper)

Abstract

Internet of Things (IoT) has stimulated great interest in many researchers owing to its capability to connect billions of physical devices to the internet via heterogeneous access network. Security is a paramount aspect of IoT that needs to be addressed urgently to keep sensitive data private. However, from previous research studies, a number of security flaws in terms of keeping data private can be identified. Tewari and Gupta proposed an ultra-lightweight mutual authentication pRotocol that utilizes bitwise operation to achieve security in IoT networks that use RFID tags. The pRotocol is improved by Wang et. al. to prevent a full key disclosure attack. However, this paper shows that both of the pRotocols are susceptible to full disclosure, man-in-the-middle, tracking, and de-synchronization attacks. A detailed security analysis is conducted and results are presented to prove their vulnerability. Based on the aforementioned analysis, the pRotocol is modified and improved using a three pass mutual authentication. GNY logic is used to formally verify the security of the pRotocol.

This record has no associated files available for download.

More information

e-pub ahead of print date: 30 June 2018
Published date: 6 August 2018
Venue - Dates: 8th International Conference on Information Science and Technology, ICIST 2018, , Cordoba, Granada, and Seville, Spain, 2018-06-30 - 2018-07-06
Keywords: IoT, mutual authentication, RFID

Identifiers

Local EPrints ID: 424932
URI: http://eprints.soton.ac.uk/id/eprint/424932
PURE UUID: 64438469-ae02-4e27-9747-2fa2d8f29873

Catalogue record

Date deposited: 05 Oct 2018 16:30
Last modified: 15 Mar 2024 21:39

Export record

Altmetrics

Contributors

Author: Jing Huey Khor
Author: Michail Sidorov

Download statistics

Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.

View more statistics

Atom RSS 1.0 RSS 2.0

Contact ePrints Soton: eprints@soton.ac.uk

ePrints Soton supports OAI 2.0 with a base URL of http://eprints.soton.ac.uk/cgi/oai2

This repository has been built using EPrints software, developed at the University of Southampton, but available to everyone to use.

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.

×