IEEE Access (Jan 2024)

An Enhanced Authentication Protocol Suitable for Constrained RFID Systems

  • Mehdi Hosseinzadeh,
  • Mohammad Reza Servati,
  • Amir Masoud Rahmani,
  • Masoumeh Safkhani,
  • Jan Lansky,
  • Renata Janoscova,
  • Omed Hassan Ahmed,
  • Jawad Tanveer,
  • Sang-Woong Lee

DOI
https://doi.org/10.1109/ACCESS.2024.3364690
Journal volume & issue
Vol. 12
pp. 61610 – 61628

Abstract

Read online

RFID technology offers an affordable and user-friendly solution for contactless identification of objects and individuals. However, the widespread adoption of RFID systems raises concerns regarding security and privacy. Vulnerabilities such as message tampering, interception, and eavesdropping pose significant risks to the integrity of the system. This study examines the effectiveness of two recently proposed ultra-lightweight RFID authentication protocols, URASP and KUAJB, in addressing these security challenges. Surprisingly, our findings reveal that both URASP and KUAJB protocols are susceptible to secret disclosure attacks, despite their claims of providing robust security. Consequently, the development of a truly ultra-lightweight protocol that ensures adequate security becomes a formidable task. As a potential solution, the enhancement of the URASP protocol through the integration of a simple cryptographic primitive is suggested to bolster its security measures.

Keywords