Internet of Things (IoT) is an evolving architecture which connects multiple devices to Internet for communication or receiving updates from a cloud or a server. In future, the number of these connected devices will increase immensely making them an indistinguishable part of our daily lives. Although these devices make our lives more comfortable, they also put our personal information at risk. Therefore, security of these devices is also a major concern today. In this paper, we propose an ultra-lightweight mutual authentication protocol which uses only bitwise operation and thus is very efficient in terms of storage and communication cost. In addition, the computation overhead is very low. We have also compared our proposed work with the existing ones which verifies the strength of our protocol, as obtained results are promising. A brief cryptanalysis of our protocol that ensures untraceability is also presented.
This is a preview of subscription content, access via your institution.
Buy single article
Instant access to the full article PDF.
Tax calculation will be finalised during checkout.
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
Tax calculation will be finalised during checkout.
Ashton K (2009) That “Internet of Things” thing. RFiD J. http://www.itrco.jp/libraries/RFIDjournal-That%20Internet%20of%20Things%20Thing.pdf. Last accessed August 2016
Stergiou C, Psannis KE (2016) Recent advances delivered by mobile cloud computing and internet of things for big data applications: a survey. Int J Netw Manag. doi:10.1002/nem.1930
Shengdong X, Yuxiang W (2014) Construction of tree network with limited delivery latency in homogeneous wireless sensor networks. Wirel Pers Commun 78(1):231–246
Guo P, Wang J, Li B, Lee S (2014) A variable threshold-value authentication architecture for wireless mesh networks. J Internet Technol 15(6):929–936
Psannis KE (2016) HEVC in wireless environments. J Real-Time Image Process 12(2):509–516
Psannis K (2009) Efficient redundant frames encoding algorithm for streaming video over error prone wireless channels. IEICE ELEX J 6(21):1497–1502
Buckley J (ed) (2006) The internet of things: from RFID to the next-generation pervasive networked systems. Auerbach Publications, New York
Atzori L, Iera A, Morabito G (2010) The internet of things: a survey. Comput Netw 54:2787–2805
Cisco (2016) “IoT Threat Environment”. Available at: http://www.cisco.com/c/dam/en/us/products/collateral/se/internet-of-things/C11-735871.pdf. Last accessed July
Zorzi M, Gluhak A, Lange S, Bassi A (2010) From today’s intranet of things to a future internet of things: a wireless- and mobility-related view. IEEE Wirel Commun 17:43–51
Ning HS, Wang ZO (2011) Future internet of things architecture: like mankind neural system or social organization framework? IEEE Commun Lett 15:461–463
Psannis KE, Xinogalos S, Sifaleras A (2014) Convergence of internet of things and mobile cloud computing. Syst Sci Control Eng Open Access J 2(1):476–483
Near Field Comminications History (2016) “Timeline of RFID technology”. Available at: http://www.nfcnearfieldcommunication.org/timeline.html, Last accessed July
Postscapes (2016) “History of internet of things”. Available at: http://postscapes.com/internet-of-things-history. Last accessed July
Roman R, Najera P, Lopez J (2011) Securing the internet of things. Computer 44(9):51–58
Gubbi J, Buyya R, Marusic S, Palaniswami M (2013) Internet of things (IoT): a vision, architectural elements, and future directions. Futur Gener Comput Syst 29(7):1645–1660
Welbourne E, Battle L, Cole G et al (2009) Building the Internet of things Using RFID: The RFID ecosytem experience. IEEE Computing Society. Available at: http://homes.cs.washington.edu/~magda/papers/welbourne-ieeeic09.pdf. Last accessed July 2016
Khoo B (2011) “RFID as an enabler of the internet of things: issues of security and privacy”. In: Internet of Things (iThings/CPSCom), 2011 International Conference on and 4th International Conference on Cyber, Physical and Social Computing, pp. 709–712
Chris Edwards, (2016) “ RFID tags along with the Internet of Things”, Engineering and Technology magazine vol 9, Issue 8. Available at: http://eandt.theiet.org/magazine/2014/08/tagging-along.cfm, Last accessed July
Thrasher J (2016) “A primer on the internet of things and RFID”. Available at: http://blog.atlasrfidstore.com/internet-of-things-and-rfid. Last accessed July
Bolic M, Simplot-Ryl D, Stojmenovic I (2010) RFID systems: research trends and challenges. Wiley, New York
Chien H-Y (2007) SASI: a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans Dependable Secur Comput 4(4):337–340
Henrici A, Muller P (2004) “Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers”. In: International Workshop on Pervasive Computing and Communication Security PerSec, Orlando, Florida, USA, pp 149–153 (ISBN: 0-7695-2106-1)
Molnar D, Wagner D (2004) “Privacy and security in library RFID: Issues, practices, and architectures”. In: Conference on Computer and Communications Security—ACM CCS, Washington, DC, USA, pp 210–219 (ISBN:1-58113-961-6)
Weis SA, Sarma SE, Rivest RL, Engels DW (2004) Security and privacy aspects of low-cost radio frequency identification systems. Secur Pervasive Comput LNCS 2802:201–212
Rhee K, Kwak J, Kim S, Won D (2005) Challenge-response based RFID authentication protocol for distributed database environment. Int Conf Secur Pervasive Comput SPC 2005:70–84
Jules A (2006) RFID security and privacy: a research survey. IEEE J Sel Areas Commun 24(2):381–394
Juels A, Weis S (2005) Authenticating pervasive devices with human protocols. CRYPTO’05., vol 3126 of LNCS, IACR. Springer, Heidelberg, pp 293–308
Peris-Lopez P, Hernandez-Castro JC, Estevez-Tapiador J, Ribagorda A (2006) “LMAP: a real lightweight mutual authentication protocol for low-cost RFID tags”. Printed handout of Workshop on RFID Security -RFIDSec 06 July
Peris-Lopez P, Hernandez-Castro JC, Estevez-Tapiador J, Ribagorda A (2006) ”M2AP: a minimalist mutual-authentication protocol for low-cost RFID tags”. Lecture Notes in Computer Science, pp 912–923. Springer, Berlin
Peris-Lopez P, Hernandez-Castro JC, Estevez-Tapiador JM, Ribagorda A (2006) “EMAP: an efficient mutual authentication protocol for low-cost RFID Tags”. OTM Federated Conferences and Workshop: IS Workshop, IS’06, 4277 Lecture Notes in Computer Science, pp 352–361. Springer, Berlin
Peris-Lopez P, Hernandez-Castro JC, Tapiador JME, Ribagorda A (2008) “Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol,”. In: Proceedings of International Workshop on Information Security Applications, pp 56–68
Kelsey J, Schneier B, Wagner D, Hall C (1998) Cryptanalytic attacks on pseudorandom number generators, Fast Software Encryption, LNCS, vol 1372, Springer, Berlin. pp 168–188 (ISBN: 978-3-540-69710-71998)
Erguler I, Unsal C, Anarim E, Saldamli G (2012) Security analysis of an ultra-lightweight RFID authentication protocol-SLMAP*. Secur Comm Netw 5:287–291
Tagra D, Rahman M, Sampalli S (2010) “Technique for preventing DoS attacks on RFID systems”. In: Proceedings of 18th International Conference on Software Telecommunication and Computer Networks (SoftCOM’10), IEEE Computer Society
Juels A, Weis SA (2007) “Defining strong privacy for RFID”. In: Proceedings of Fifth Ann IEEE Int’l Conf. Pervasive Computing and Comm. (PerCom ’07), pp 342–347. http://eprint.iacr.org/2006/137
Phan R (2008) Cryptanalysis of a new ultralightweight RFID authentication protocol—SASI. IEEE Trans Dependable Secur Comput 6(4):316–320
Ouafi K, Phan RC-W (2008) “Traceable privacy of recent provably-secure RFID protocols”. Proceedings of Sixth Int’l Conf. Applied Cryptography and Network Security (ACNS ’08), pp 479–489
Ouafi K, Phan R.C.-W (2008) “Privacy of recent RFID authentication protocols”. In: Proceedings of Fourth Information Security Practice and Experience Conference (ISPEC ’08), pp 263–277,
Hernandez-Castro JC, Tapiador JME, Peris-Lopez P, Quisquater J-J (2008) Cryptanalysis of the sasi ultralightweight rfid authentication protocol with modular rotations. Technical Report arXiv:0811.4257
Tian Y, Chen G, Li J (2012) A new ultralightweight RFID authentication protocol with permutation. IEEE Commun Lett 16(5):702–705
This research work is being funded by Department of Electronic and Information technology (DeitY), Ministry of Communications and IT, Government of India.
About this article
Cite this article
Tewari, A., Gupta, B.B. Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags. J Supercomput 73, 1085–1102 (2017). https://doi.org/10.1007/s11227-016-1849-x
- Internet of Things
- RFID tags