Skip to main content
SpringerLink
Log in

A lightweight multi-party authentication in insecure reader-server channel in RFID-based IoT

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

The rapid proliferation of Radio Frequency Identification (RFID) tags in the past decade has made tremendous impact on our daily lives. As part of Internet of Things (IoT), RFID technology ensures an efficient, secure and reliable system to identify tagged objects in supply chain environment such as manufacturing, automotive and healthcare. Several lightweight authentication solutions have been proposed to satisfy optimal security and privacy features of RFID communication. Hopper-Blum (HB) family of protocols that rely on the hard problem of Learning Parity with Noise (LPN) is a series of lightweight authentication protocol used to identify RFID tags. Our study shows that recent RFID authentication protocols from HB family that mostly focus on two party authentication such as tag-reader authentication, in general, cannot be applied directly to a three party authentication such as tag-reader-server authentication. In contrast to typical RFID authentication system, we consider the channel between the reader and back-end server insecure. We focus HB protocol and its variants and propose a modified protocol where the entire system is authenticated under LPN-based scheme.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

References

  1. Wu F, Xu L, Kumari S, Li X, Das AK, Shen J (2018) A lightweight and anonymous RFID tag authentication protocol with cloud assistance for e-healthcare applications. J Ambient Intell Human Comput 9(4):919–930

    Article  Google Scholar 

  2. Zheng L, Xue Y, Zhang L, Zhang R (2017) Mutual Authentication Protocol for RFID based on ECC. In: IEEE International Conference on Computational Science and Engineering (CSE) and IEEE International Conference on Embedded and Ubiquitous Computing (EUC), vol 2. IEEE, pp 320–323

  3. Gope P, Lee J, Quek TQS (2018) Lightweight and practical anonymous authentication protocol for RFID systems using physically unclonable functions. IEEE Trans Inf Forensic Secur 13.11:2831–2843

  4. BD D, Al-Turjman F, Mostarda L (2019) A Hash-Based RFID Authentication Mechanism for Context-Aware Management in IoT-Based Multimedia Systems. Sensors 19.18:3821

  5. Welbourne E, Battle L, Cole G, Gould K, Rector K, Raymer S, Balazinska M, Borriello G (2009) Building the internet of things using RFID: the RFID ecosystem experience. IEEE Internet Comput 13(3):48–55

    Article  Google Scholar 

  6. Juels A, Weis SA (2005) Authenticating pervasive devices with human protocols. In: Annual international cryptology conference. Springer, Berlin, pp 293–308

  7. Batina L et al (2006) An elliptic curve processor suitable for RFID tags. International Association for Cryptologic Research ePrint Archive

  8. Hopper NJ, Blum M (2001) Secure human identification protocols. In: International conference on the theory and application of cryptology and information security. Springer, Berlin, pp 52–66

  9. Gilbert H, Robshaw M, Sibert H (2005) An active attack against HB+ - a provably secure lightweight authentication protocol: An active attack against HB+ - a provably secure lightweight authentication. Cryptology ePrint Archive Report 2005/237

  10. Bringer J, Chabanne H, Dottax E (2006) HB++: A lightweight authentication protocol secure against some attacks. In: SecPerU, pp 28–33

  11. Munilla J, Alberto P (2007) HB-MP A Further step in the HB-family of lightweight authentication protocols. Comput Netw 51(9):2262–2267

    Article  Google Scholar 

  12. Gilbert H, Robshaw MJB, Seurin Y (2008) Good variants of HB+ are hard to find. In: Tsudik G (ed) FC 2008, volume 5143 of LNCS. Springer, pp 156–170

  13. Ouafi K, Overbeck R, Vaudenay S (2008) On the security of HB# against a man-in-the-middle attack. In: International Conference on the Theory and Application of Cryptology and Information Security. Springer, Berlin, pp 108–124

  14. Nguyen TD, Pham HTB, Van HD (2010) An efficient Pseudo Inverse matrix-based solution for secure auditing. In: IEEE RIVF International Conference on Computing & Communication Technologies, Research, Innovation, and Vision for the Future (RIVF). IEEE, pp 1–6

  15. MSI Mamun, Miyaji A (2014) A privacy-preserving efficient RFID authentication protocol from SLPN assumption. International Journal of Computational Science and Engineering (IJCSE), Special Issue on Converged Networks, Technologies and Applications, Inderscience Publishers, vol 9

  16. Li X, Xu J, Zhang Z (2019) Revisiting the Security of Qian others.’s Revised tree-LSHB+ Protocol. Wirel Person Commun 106(2):321–343

    Article  Google Scholar 

  17. Cao X, O’Neill M (2011) F-HB: An efficient forward private protocol. In: 2011 Workshop on Lightweight Security & Privacy: Devices, Protocols, and Applications. IEEE, pp 53–60

  18. Billet O, Etrog J, Gilbert H (2010) Lightweight privacy preserving authentication for RFID using a stream cipher. In: International Workshop on Fast Software Encryption. Springer, Berlin, pp 55–74

  19. Leng X, Mayes K, Markantonakis K (2008) HB-MP+ protocol: An improvement on the HB-MP protocol. In: 2008 IEEE international conference on RFID. IEEE, pp 118–124

  20. Applebaum B, Ishai Y, Kushilevitz E (2009) Cryptography with constant input locality. J Cryptol 22(4):429–469

    Article  MathSciNet  Google Scholar 

  21. Mamun MSI, Miyaji A, Rahman M (2012) A Secure and Private RFID Authentication Protocol under SLPN Problem. NSS2012, LNCS 7645, pp 476–489

  22. Jain A, Krenn S, Pietrzak K, Tentes A (2012) Commitments and Efficient Zero-Knowledge Proofs from Learning Parity with Noise. ASIACRYPT 2012, LNCS 7658, pp 663–680

  23. Park T, Seo H, Kim J, Park H, Kim H (2018) Efficient parallel implementation of matrix multiplication for Lattice-Based cryptography on modern ARM processor. Security and Communication Networks

  24. Deng RH, Li Y, Yung M, Zhao Y (2010) A new framework for RFID privacy. In: European Symposium on Research in Computer Security. Springer, Berlin, pp 1–18

  25. Rizomiliotis P, Gritzalis S (2012) GHB#: A provably secure HB-like lightweight authentication protocol. In: International Conference on Applied Cryptography and Network Security. Springer, Berlin, pp 489–506

  26. Micciancio D, Mol P (2011) Pseudorandom Knapsacks and the Sample Complexity of LWE Search-to-Decision Reductions. CRYPTO 2011, volume 6841 of LNCS. Springer, pp 465–484

  27. Katz J, Shin JS, Smith A (2010) Parallel and concurrent security of the HB and HB+ protocols. J Cryptol 23(3):402–421

    Article  MathSciNet  Google Scholar 

  28. Moriyama D, Matsuo SI, Ohkubo M (2012) Relations among notions of privacy for RFID authentication protocols. In: Computer Security– ESORICS. Springer LNCS, pp 661–678

  29. IoT and RFID: What’s the Connection?. RFID journal expert views. https://rfidjournal.com/iot-and-rfid-whats-the-connection, Accessed 7 July 2020

  30. The Role of RFID Technology and Internet of Things in Healthcare. Digitium IoT Software, https://digiteum.com/rfid-technology-internet-of-things. Accessed 10 July 2020

  31. Jo S, Lee J, Han J, Ghose S (2020) P2P Computing for intelligence of things. Peer-to-Peer Netw Appl 13(2):575–578

    Article  Google Scholar 

  32. Get smarter about the many benefits of P2P IoT. Nabto Inc. P2P IoT solution. https://www.nabto.com/p2p-explainer/, Accessed 10 July 2020

  33. He XU, WANG SP, WANG RC, WANG ZQ (2011) Efficient P2P-based mutual authentication protocol for RFID system security of EPC network using asymmetric encryption algorithm. J China Univ Posts Telecommun 18:40–47

    Google Scholar 

  34. Guo Q, Johansson T (2020) Carl löndahl Solving LPN Using Covering Codes. J Cryptol 33.1:1–33

  35. Bagadia K, Urbi Chatterjee DBR, Mukhopadhyay D, Chakraborty RS (2019) Revisiting the Security of LPN Based RFID Authentication Protocol and Potential Exploits in Hardware Implementations. In: International Conference on Security, Privacy, and Applied Cryptography Engineering. Springer, Cham, pp 214–230

Download references

Author information

Authors and Affiliations

  1. Digital Technology, National Research Council of Canada/Government of Canada, Fredericton, Canada

    Mohammad Mamun

  2. Osaka University, Osaka, Japan

    Atsuko Miyaji

  3. Faculty of Computer Science, University of New Brunswick, Fredericton, Canada

    Rongxing Luv

  4. The University of Aizu, Fukushima, Japan

    Chunhua Su

Authors
  1. Mohammad Mamun
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Atsuko Miyaji
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Rongxing Luv
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Chunhua Su
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohammad Mamun.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Mamun, M., Miyaji, A., Luv, R. et al. A lightweight multi-party authentication in insecure reader-server channel in RFID-based IoT. Peer-to-Peer Netw. Appl. 14, 708–721 (2021). https://doi.org/10.1007/s12083-020-01007-z

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-020-01007-z

Keywords

Search

Navigation