Another Improvement of RAPP: An Ultra-lightweight Authentication Protocol for RFID

  • Xinying ZhengEmail author
  • Chien-Ming Chen
  • Tsu-Yang Wu
  • Eric Ke Wang
  • Tsui-Ping Chung
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 297)


RFID technology has received increasing attention; however, most of the RFID products lack security due to the hardware limitation of the low-cost RFID tags. Recently, an ultra-lightweight authentication protocol named RAPP has been proposed. Unfortunately, RAPP is insecure against several attacks. In this paper, we propose an improvement of RAPP. Security analysis demonstrated that our protocol can resist several kinds of attacks.


RFID mutual authentication security protocol 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Tian, Y., Chen, G., Li, J.: A new ultralightweight rfid authentication protocol with permutation. IEEE Communications Letters 16(5), 702–705 (2012)CrossRefGoogle Scholar
  2. 2.
    Chen, C.M., Lin, Y.H., Chen, Y.H., Sun, H.M.: Sashimi: secure aggregation via successively hierarchical inspecting of message integrity on wsn. Journal of Information Hiding and Multimedia Signal Processing 4(1), 57–72 (2013)CrossRefGoogle Scholar
  3. 3.
    Wei-Chi, K., Chien-Ming, C., Hui-Lung, L.: Cryptanalysis of a variant of peyravian-zunic’s password authentication scheme. IEICE Transactions on Communications 86(5), 1682–1684 (2003)Google Scholar
  4. 4.
    Wu, T.Y., Tseng, Y.M.: Further analysis of pairing-based traitor tracing schemes for broadcast encryption. Security and Communication Networks 6(1), 28–32 (2013)CrossRefGoogle Scholar
  5. 5.
    Chen, C.M., Wang, K.H., Wu, T.Y., Pan, J.S., Sun, H.M.: A scalable transitive human-verifiable authentication protocol for mobile devices. IEEE Transactions on Information Forensics and Security 8(8), 1318–1330 (2013)CrossRefGoogle Scholar
  6. 6.
    Hong, T.P., Lin, C.W., Yang, K.T., Wang, S.L.: Using tf-idf to hide sensitive itemsets. Applied Intelligence, 1–9 (2013)Google Scholar
  7. 7.
    Chien-Ming, C., Wei-Chi, K.: Stolen-verifier attack on two new strong-password authentication protocols. IEICE Transactions on Communications 85(11), 2519–2521 (2002)Google Scholar
  8. 8.
    Wu, T.Y., Tseng, Y.M.: Publicly verifiable multi-secret sharing scheme from bilinear pairings. IET Information Security 7(3), 239–246 (2013)CrossRefGoogle Scholar
  9. 9.
    Chen, C.M., Chen, Y.H., Lin, Y.H., Sun, H.M.: Eliminating rouge femtocells based on distance bounding protocol and geographic information. Expert Systems with Applications 41(2), 426–433 (2014)CrossRefMathSciNetGoogle Scholar
  10. 10.
    Sun, H.M., Wang, H., Wang, K.H., Chen, C.M.: A native apis protection mechanism in the kernel mode against malicious code. IEEE Transactions on Computers 60(6), 813–823 (2011)CrossRefMathSciNetGoogle Scholar
  11. 11.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: M2AP: A Minimalist Mutual-Authentication Protocol for Low-cost RFID Tags. In: Ma, J., Jin, H., Yang, L.T., Tsai, J.J.-P. (eds.) UIC 2006. LNCS, vol. 4159, pp. 912–923. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  12. 12.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: EMAP: An efficient mutual-authentication protocol for low-cost RFID tags. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4277, pp. 352–361. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  13. 13.
    Peris-Lopez, P., Hernandez-Castro, J., Estevez-Tapiador, J., Ribagorda, A.: LMAP: A Real Lightweight Mutual Authentication Protocol for Low-Cost RFID tags. In: Proc. of the 2nd Workshop on RFID Security (2006)Google Scholar
  14. 14.
    Li, T., Wang, G.: Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols. In: Venter, H., Eloff, M., Labuschagne, L., Eloff, J., von Solms, R. (eds.) New Approaches for Security, Privacy and Trust in Complex Environments. IFIP, vol. 232, pp. 109–120. Springer, Boston (2007)CrossRefGoogle Scholar
  15. 15.
    Li, T., Deng, R.: Vulnerability Analysis of EMAP-an Efficient RFID Mutual Authentication Protocol. In: Proc. of the 2nd Inter. Conf. on Availability, Reliability and Security, pp. 238–245 (2007)Google Scholar
  16. 16.
    Chien, H.Y.: SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity. IEEE Trans. on Dependable and Secure Computing 4(4), 337–340 (2007)CrossRefGoogle Scholar
  17. 17.
    Cao, T., Bertino, E., Lei, H.: Security analysis of the sasi protocol. IEEE Transactions on Dependable and Secure Computing 6(1), 73–77 (2009)CrossRefGoogle Scholar
  18. 18.
    Sun, H.M., Ting, W.C., Wang, K.H.: On the Security of Chien’s Ultralightweight RFID Authentication Protocol. IEEE Trans. on Dependable and Secure Computing 8(2), 315–317 (2009)CrossRefGoogle Scholar
  19. 19.
    D’Arco, P., De Santis, A.: On ultralightweight rfid authentication protocols. IEEE Transactions on Dependable and Secure Computing 8(4), 548–563 (2011)CrossRefGoogle Scholar
  20. 20.
    Phan, R.W.: Cryptanalysis of a New Ultralightweight RFID Authentication Protocol – SASI. IEEE Trans. on Dependable and Secure Computing 6(4), 316–320 (2009)CrossRefGoogle Scholar
  21. 21.
    Hernandez-Castro, J.C., Tapiador, J.M., Peris-Lopez, P., Quisquater, J.J.: Cryptanalysis of the sasi ultralightweight rfid authentication protocol with modular rotations. arXiv preprint arXiv:0811.4257 (2008)Google Scholar
  22. 22.
    Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E., Ribagorda, A.: Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 56–68. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  23. 23.
    Bilal, Z., Masood, A., Kausar, F.: Security analysis of ultra-lightweight cryptographic protocol for low-cost rfid tags: Gossamer protocol. In: International Conference on Network-Based Information Systems, NBIS 2009, pp. 260–267. IEEE (2009)Google Scholar
  24. 24.
    Yeh, K.H., Lo, N.: Improvement of two lightweight rfid authentication protocols. Information Assurance and Security Letters 1, 6–11 (2010)Google Scholar
  25. 25.
    Tagra, D., Rahman, M., Sampalli, S.: Technique for preventing dos attacks on rfid systems. In: 2010 International Conference on Software, Telecommunications and Computer Networks (SoftCOM), pp. 6–10. IEEE (2010)Google Scholar
  26. 26.
    David, M., Prasad, N.R.: Providing strong security and high privacy in low-cost rfid networks. In: Schmidt, A.U., Lian, S. (eds.) MobiSec 2009. LNICST, vol. 17, pp. 172–179. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  27. 27.
    Hernandez-Castro, J.C., Peris-Lopez, P., Phan, R.C.W., Tapiador, J.M.: Cryptanalysis of the david-prasad rfid ultralightweight authentication protocol. In: Radio Frequency Identification: Security and Privacy Issues. Springer (2010) 22–34CrossRefGoogle Scholar
  28. 28.
    Eghdamian, A., Samsudin, A.: A secure protocol for ultralightweight radio frequency identification (rfid) tags. In: Abd Manaf, A., Zeki, A., Zamani, M., Chuprat, S., El-Qawasmeh, E. (eds.) ICIEIS 2011, Part I. CCIS, vol. 251, pp. 200–213. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  29. 29.
    Avoine, G., Carpent, X.: Yet another ultralightweight authentication protocol that is broken. In: Hoepman, J.-H., Verbauwhede, I. (eds.) RFIDSec 2012. LNCS, vol. 7739, pp. 20–30. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  30. 30.
    Shao-hui, W., Zhijie, H., Sujuan, L., Dan-wei, C.: Security analysis of rapp an rfid authentication protocol based on permutation. Technical report, Cryptology ePrint Archive, Report 2012/327 (2012)Google Scholar
  31. 31.
    Ahmadian, Z., Salmasizadeh, M., Aref, M.R.: Desynchronization attack on rapp ultralightweight authentication protocol. Information Processing Letters 113(7), 205–209 (2013)CrossRefzbMATHMathSciNetGoogle Scholar
  32. 32.
    Zhuang, X., Wang, Z.H., Chang, C.C., Zhu, Y.: Security analysis of a new ultra-lightweight rfid protocol and its improvement. Journal of Information Hiding and Multimedia Signal Processing 4(3) (2013)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Xinying Zheng
    • 1
    Email author
  • Chien-Ming Chen
    • 1
    • 2
  • Tsu-Yang Wu
    • 1
    • 2
  • Eric Ke Wang
    • 1
    • 2
  • Tsui-Ping Chung
    • 3
  1. 1.School of Computer Science and Technology, Harbin Institute of Technology Shenzhen Graduate SchoolShenzhenChina
  2. 2.Shenzhen Key Laboratory of Internet Information CollaborationShenzhenChina
  3. 3.Department of Industrial EngineeringJilin UniversityChangchunChina

Personalised recommendations