Paper 2018/388

Security Analysis of Fan et al. Lightweight RFID Authentication Protocol for Privacy Protection in IoT

Seyed Farhad Aghili and Hamid Mala

Abstract

The designers of Radio-Frequency IDentification (RFID) systems have a challenging task for proposing secure mutual authentication protocols for Internet of Things (IoT) applications. Recently, Fan et al. proposed a new lightweight RFID mutual authentication protocol in the journal of IEEE Transactions on Industrial Informatics. They claimed that their protocol meets necessary security properties for RFID systems and can be applied for IoT. In this paper, we analyze the security of this protocol and show that it is vulnerable against secret disclosure, reader impersonation and tag traceability attacks. Additionally, we show that in their protocol the anonymity of the tag does not held.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
RFIDIoTSecret disclosureImpersonation attackAnonymity
Contact author(s)
aghili farhad60 @ gmail com
History
2018-05-01: received
Short URL
https://ia.cr/2018/388
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2018/388,
      author = {Seyed Farhad Aghili and Hamid Mala},
      title = {Security Analysis of Fan et al. Lightweight RFID Authentication Protocol for Privacy Protection in IoT},
      howpublished = {Cryptology ePrint Archive, Paper 2018/388},
      year = {2018},
      note = {\url{https://eprint.iacr.org/2018/388}},
      url = {https://eprint.iacr.org/2018/388}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.