Cryptology ePrint Archive: Report 2018/388

Security Analysis of Fan et al. Lightweight RFID Authentication Protocol for Privacy Protection in IoT

Seyed Farhad Aghili and Hamid Mala

Abstract: The designers of Radio-Frequency IDentification (RFID) systems have a challenging task for proposing secure mutual authentication protocols for Internet of Things (IoT) applications. Recently, Fan et al. proposed a new lightweight RFID mutual authentication protocol in the journal of IEEE Transactions on Industrial Informatics. They claimed that their protocol meets necessary security properties for RFID systems and can be applied for IoT. In this paper, we analyze the security of this protocol and show that it is vulnerable against secret disclosure, reader impersonation and tag traceability attacks. Additionally, we show that in their protocol the anonymity of the tag does not held.

Category / Keywords: cryptographic protocols / RFID, IoT, Secret disclosure, Impersonation attack, Anonymity

Date: received 29 Apr 2018

Contact author: aghili farhad60 at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20180501:121340 (All versions of this report)

Short URL: ia.cr/2018/388


[ Cryptology ePrint archive ]