Paper 2021/144

\(\chi\)perbp: a Cloud-based Lightweight Mutual Authentication Protocol

Morteza Adeli, Nasour Bagheri, Sadegh Sadeghi, and Saru Kumari


Alongside the development of cloud computing and Internet of Things(IoT), cloud-based RFID is receiving more attention nowadays. Cloud-based RFID system is specifically developed to providing real-time data that can be fed to the cloud for easy access and instant data interpretation. Security and privacy of constrained devices in these systems is a challenging issue for many applications. To deal with this problem, we propose \(\chi\)perbp, a lightweight authentication protocol based on \(\chi\)per component. \(\chi\)per is a hardware/software friendly component that can be implemented using bit-wise operations. To evaluate the performance efficiency of our proposed scheme, we implement the \(\chi\)perbp scheme on a FPGA module Xilinx Kintex-7 using the hardware description language VHDL. Our security and cost analysis of the proposed protocol shows that the proposed protocol provides desired security against various attacks, in a reasonable cost. Also, formal security evaluation using BAN logic and Scyther tool indicates its security correctness. Besides, we analyse the security of a related protocol which has been recently proposed by Fan \textit{et al.} It is a cloud-based lightweight mutual authentication protocol for RFID devices in an IoT system. Although they have claimed security against active and passive adversaries, however, our detailed security analysis in this paper demonstrates major drawbacks of this protocol. More precisely, the proposed attack disclose the tag's secrets efficiently. Given the tag's secrets, any other attack will be trivial.

Available format(s)
Cryptographic protocols
Publication info
Preprint. MINOR revision.
IoTAuthenticationSecurity analysisDesynchronization AttackTag Impersonation AttackReader Impersonation Attack
Contact author(s)
na bagheri @ gmail com
m adeli @ sru ac ir
s sadeghi khu @ gmail com
Saryusiirohi @ gmail com
2021-02-12: received
Short URL
Creative Commons Attribution


      author = {Morteza Adeli and Nasour Bagheri and Sadegh Sadeghi and Saru Kumari},
      title = {\(\chi\)perbp: a Cloud-based Lightweight Mutual Authentication Protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2021/144},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.