SpringerLink
Log in

URASP: An ultralightweight RFID authentication scheme using permutation operation

  • Published:
Peer-to-Peer Networking and Applications Aims and scope Submit manuscript

Abstract

Due to low-cost, ease of use and convenience, Radio Frequency IDentification (RFID) is a contactless technology that has become more and more promising for automatic identification of an object and people without physical contact. However, the RFID system faces major issues related to its security and privacy, where an adversary may eavesdrop, temper, modify, and intercept the transmitted messages over a communication channel. To overcome these issues, there is a flexible and effective way to implement an ultralightweight RFID scheme. Therefore, we present an ultralightweight RFID authentication scheme using permutation operation named URASP in this paper. Our proposed scheme integrates permutation and left rotate operation to provide a higher level of security and privacy without increasing storage and computation overhead. In addition, the informal analysis of our proposal illustrates its ability to overcome all known security attacks. We show that the proposed URASP scheme preserves the properties of tags untraceability and information privacy by using Juels and Weis privacy model. The performance analysis has been performed which demonstrates that the proposed scheme outperforms other existing schemes as well as utilizes fewer resources on tags. The verification of our scheme has been done using Scyther simulation tool. Thereafter, the correctness of our scheme has been verified by using BAN logic inference rules. Hence, the proposed scheme is more suited for low-cost passive RFID tags.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Subscribe and save

Springer+ Basic
EUR 32.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or Ebook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (Canada)

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10

Similar content being viewed by others

References

  1. Adeli M, Bagheri N, Sadeghi S, Kumari S (2021) χ perbp: a cloud-based lightweight mutual authentication protocol

  2. Aghili SF, Mala H (2019) Security analysis of an ultra-lightweight rfid authentication protocol for m-commerce. Int J Commun Syst 32(3):e3837

    Article  Google Scholar 

  3. Aghili SF, Mala H (2020) Tracking and impersonating tags in a crc-based ultralightweight rfid authentication protocol. Peer-to-Peer Netw Appl 13(3):816–824

    Article  Google Scholar 

  4. Ahmadian Z, Salmasizadeh M, Aref MR (2013) Desynchronization attack on rapp ultralightweight authentication protocol. Inf Proc Lett 113(7):205–209

    Article  MathSciNet  MATH  Google Scholar 

  5. Akgün M, Caglayan MU (2013) On the security of recently proposed rfid protocols. IACR Cryptol ePrint Arch 2013:820

  6. Bringer J, Chabanne H, Dottax E (2006) A lightweight authentication protocol secure against some attacks. IEEE Computer Society Washington, DC, USA

  7. Burrows M, Abadi M, Needham RM (1989) A logic of authentication. Proc R Soc London A Math Phys Sci 426(1871):233–271

    MathSciNet  MATH  Google Scholar 

  8. Cao T, Chen X, Doss R, Zhai J, Wise LJ, Zhao Q (2016) Rfid ownership transfer protocol based on cloud. Comput Netw 105:47–59

    Article  Google Scholar 

  9. Chien HY (2006) Secure access control schemes for rfid systems with anonymity. In: 7th International conference on mobile data management (MDM’06), IEEE, pp 96–96

  10. Chien HY (2007) Sasi: A new ultralightweight rfid authentication protocol providing strong authentication and strong integrity. IEEE Trans Depend Secure Comput 4(4):337–340

    Article  Google Scholar 

  11. Chien HY, Chen CH (2007) Mutual authentication protocol for rfid conforming to epc class 1 generation 2 standards. Comput Stand Inter 29(2):254–259

    Article  MathSciNet  Google Scholar 

  12. Chien HY, Huang CW (2007) Security of ultra-lightweight rfid authentication protocols and its improvements. ACM SIGOPS Oper Syst Rev 41(4):83–86

    Article  Google Scholar 

  13. Cho JS, Jeong YS, Park SO (2015) Consideration on the brute-force attack cost and retrieval cost: A hash-based radio-frequency identification (rfid) tag mutual authentication protocol. Comput Math Appl 69(1):58–65

    Article  MATH  Google Scholar 

  14. Cremers CJ (2008) The scyther tool: Verification, falsification, and analysis of security protocols. In: International conference on computer aided verification, Springer, pp 414–418

  15. Cremers CJF (2006) Scyther: Semantics and verification of security protocols. Eindhoven University of Technology Eindhoven, Netherlands

    Google Scholar 

  16. D’Arco P, De Prisco R (2018) Design weaknesses in recent ultralightweight rfid authentication protocols. In: IFIP International conference on ICT systems security and privacy protection, Springer, pp 3–17

  17. Dimitriou T (2016) Key evolving rfid systems: Forward/backward privacy and ownership transfer of rfid tags. Ad Hoc Netw 37:195–208

    Article  Google Scholar 

  18. Duc DN, Park J, Lee H, Kim K (2006) Enhancing security of epcglobal gen-2 rfid tag against traceability and cloning. In: SCIS 2006, institute of electronics, information and communication engineers

  19. Fan K, Ge N, Gong Y, Li H, Su R, Yang Y (2017) An ultra-lightweight rfid authentication scheme for mobile commerce. Peer-to-peer Netw Appl 10(2):368–376

    Article  Google Scholar 

  20. Fan K, Luo Q, Zhang K, Yang Y (2020) Cloud-based lightweight secure rfid mutual authentication protocol in iot. Inform Sci 527:329–340

    Article  MathSciNet  MATH  Google Scholar 

  21. Gao L, Ma M, Shu Y, Wei Y (2014) An ultralightweight rfid authentication protocol with crc and permutation. J Netw Comput Appl 41:37–46

    Article  Google Scholar 

  22. Gao L, Zhang L, Lin F, Ma M (2019) Secure rfid authentication schemes based on security analysis and improvements of the usi protocol. IEEE Access 7:8376–8384

    Article  Google Scholar 

  23. Gilbert H, Robshaw M, Sibert H (2005) Active attack against hb/sup: a provably secure lightweight authentication protocol. Electron Lett 41(21):1169–1170

    Article  Google Scholar 

  24. He D, Zeadally S (2014) An analysis of rfid authentication schemes for internet of things in healthcare environment using elliptic curve cryptography. IEEE Int Things J 2(1):72– 83

    Article  Google Scholar 

  25. Henrici D, Muller P (2004) Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers. In: IEEE Annual conference on pervasive computing and communications workshops, 2004. Proceedings of the Second, IEEE, pp 149–153

  26. Hosseinzadeh M, Ahmed OH, Ahmed SH, Trinh C, Bagheri N, Kumari S, Lansky J, Huynh B (2020) An enhanced authentication protocol for rfid systems. IEEE Access 8:126977–126987

    Article  Google Scholar 

  27. Ibrahim A (2019) Review of different classes of rfid authentication protocols. Wireless Netw 25 (3):961–974

    Article  Google Scholar 

  28. Jeon IS, Yoon EJ (2013) A new ultra-lightweight rfid authentication protocol using merge and separation operations. Int J Math Anal 7(52):2583–2593

    Article  Google Scholar 

  29. Juels A, Weis SA (2009) Defining strong privacy for rfid. ACM Trans Inf Syst Sec (TISSEC) 13(1):1–23

    Article  Google Scholar 

  30. Juels A, Molnar D, Wagner D (2005) Security and privacy issues in e-passports. In: First international conference on security and privacy for emerging areas in communications networks (SECURECOMM’05), IEEE, pp 74–88

  31. Kinoshita S, Ohkubo M, Hoshino F, Morohashi G, Shionoiri O, Kanai A (2005) Privacy enhanced active rfid tag. Cognitive Science Research Paper-University of Sussex CSRP 577: 100

    Google Scholar 

  32. Kumar A, Jain AK (2021) Mutual authentication protocol for low cost passive tag in RFID system. Int J Inf Technol 13(3):1209–1215

    MathSciNet  Google Scholar 

  33. Kumar S, Paar C (2006) Are standards compliant elliptic curve cryptosystems feasible on rfid. In: Workshop on RFID security, Citeseer, pp 12–14

  34. Li T, Deng R (2007) Vulnerability analysis of emap-an efficient rfid mutual authentication protocol. In: The second international conference on availability, reliability and security (ARES’07), IEEE, pp 238–245

  35. Li T, Wang G (2007) Security analysis of two ultra-lightweight rfid authentication protocols. In: IFIP international information security conference, Springer, pp 109–120

  36. Liu Y, Ezerman MF, Wang H (2019a) Double verification protocol via secret sharing for low-cost rfid tags. Futur Gener Comput Syst 90:118–128

    Article  Google Scholar 

  37. Liu Y, Sun Q, Wang Y, Zhu L, Ji W (2019b) Efficient group authentication in rfid using secret sharing scheme. Clust Comput 22(4):8605–8611

    Article  Google Scholar 

  38. Liu Y, Yin X, Dong Y, Huang K (2019c) Lightweight authentication scheme with inverse operation on passive rfid tags. J Chin Inst Eng 42(1):74–79

    Article  Google Scholar 

  39. Luo H, Wen G, Su J, Huang Z (2018) Slap: Succinct and lightweight authentication protocol for low-cost rfid system. Wirel Netw 24(1):69–78

    Article  Google Scholar 

  40. Maurya PK, Bagchi S (2018) A secure puf-based unilateral authentication scheme for rfid system. Wirel Pers Commun 103(2):1699–1712

    Article  Google Scholar 

  41. Maurya PK, Pal J, Bagchi S (2017) A coding theory based ultralightweight rfid authentication protocol with crc. Wirel Pers Commun 97(1):967–976

    Article  Google Scholar 

  42. Mujahid U, Najam-ul Islam M, Shami MA (2015) Rcia: A new ultralightweight rfid authentication protocol using recursive hash. Int J Distrib Sensor Netw 11(1):642180

    Article  Google Scholar 

  43. Mujahid U, Najam-ul Islam M, Sarwar S (2017) A new ultralightweight rfid authentication protocol for passive low cost tags: Kmap. Wirel Pers Commun 94(3):725–744

    Article  Google Scholar 

  44. Pakniat N, Eslami Z (2020) Cryptanalysis and improvement of a group rfid authentication protocol. Wirel Netw 26(5):3363–3372

    Article  Google Scholar 

  45. Peris-Lopez P, Hernandez-Castro JC, Estevez-Tapiador JM, Ribagorda A (2006a) Emap: An efficient mutual-authentication protocol for low-cost rfid tags. In: OTM Confederated international conferences” on the move to meaningful internet systems”, Springer, pp 352–361

  46. Peris-Lopez P, Hernandez-Castro JC, Estévez-Tapiador JM, Ribagorda A (2006b) Lmap: A real lightweight mutual authentication protocol for low-cost rfid tags. In: Proc. of 2nd workshop on RFID security, vol 6

  47. Peris-Lopez P, Hernandez-Castro JC, Estevez-Tapiador JM, Ribagorda A (2006c) M2AP: a minimalist mutual-authentication protocol for low-cost rfid tags. In: International conference on ubiquitous intelligence and computing, Springer, pp 912–923

  48. Safkhani M, Bagheri N (2016) Generalized desynchronization attack on umap: Application to rcia, kmap, slap and sasi+ protocols. IACR Cryptol ePrint Arch 2016:905

    Google Scholar 

  49. Safkhani M, Rostampour S, Bendavid Y, Bagheri N (2020) Iot in medical & pharmaceutical: Designing lightweight rfid security protocols for ensuring supply chain integrity. Comput Netw 181:107558

    Article  Google Scholar 

  50. Salem FM, Amin R (2020) A privacy-preserving rfid authentication protocol based on el-gamal cryptosystem for secure tmis. Inform Sci 527:382–393

    Article  MathSciNet  MATH  Google Scholar 

  51. Shariq M, Singh K (2021) A novel vector-space-based lightweight privacy-preserving rfid authentication protocol for iot environment. J Supercomput pp 1–31

  52. Srivastava K, Awasthi AK, Kaul SD, Mittal R (2015) A hash based mutual rfid tag authentication protocol in telecare medicine information system. J Med Syst 39(1):1–5

    Article  Google Scholar 

  53. Tewari A, Gupta B (2017) Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for iot devices using rfid tags. J Supercomput 73(3):1085–1102

    Article  Google Scholar 

  54. Tian Y, Chen G, Li J (2012) A new ultralightweight rfid authentication protocol with permutation. IEEE Commun Lett 16(5):702–705

    Article  Google Scholar 

  55. Trinh C, Huynh B, Lansky J, Mildeova S, Safkhani M, Bagheri N, Kumari S, Hosseinzadeh M (2020) A novel lightweight block cipher-based mutual authentication protocol for constrained environments. IEEE Access 8:165536–165550

    Article  Google Scholar 

  56. Wang KH, Chen CM, Fang W, Wu TY (2018) On the security of a new ultra-lightweight authentication protocol in iot environment for rfid tags. J Supercomput 74(1):65–70

    Article  Google Scholar 

  57. Weis SA (2003) Security and privacy in radio-frequency identification devices. PhD thesis, Massachusetts Institute of Technology

  58. Weis SA, Sarma SE, Rivest RL, Engels DW (2004) Security and privacy aspects of low-cost radio frequency identification systems. In: Security in pervasive computing, Springer, pp 201–212

  59. **ao L, Xu H, Zhu F, Wang R, Li P (2020) Skinny-based rfid lightweight authentication protocol. Sensors 20(5):1366

    Article  Google Scholar 

  60. **e S, Zhang F, Cheng R (2021) Security enhanced RFID authentication protocols for healthcare environment. Wireless Pers Commun 117:71–86

    Article  Google Scholar 

  61. Yang J, Park J, Lee H, Ren K, Kim K (2005a) Mutual authentication protocol for low-cost rfid. In: Workshop on RFID and lightweight crypto, WRLC, pp 17–24

  62. Yang J, Ren K, Kim K (2005b) Security and privacy on authentication protocol for low-cost rfid. In: Symposium on cryptography and information security

  63. Zhuang X, Wang ZH, Chang CC, Zhu Y (2013) Security analysis of a new ultra-lightweight rfid protocol and its improvement. J Inf Hiding Multimed Signal Proc 4(3):166–177

    Google Scholar 

Download references

Acknowledgements

This work was carried out in Secure and Computing laboratory, SC&SS, JNU, New Delhi, India and sponsored by the project entitled “Development of Intelligent Device for Security Enhancement (iEYE)” with sanction order: DST/TDT/DDP12/2017-G.

Author information

Authors and Affiliations

  1. School of Computer and Systems Sciences, JNU, New Delhi, India

    Mohd Shariq & Karan Singh

  2. School of Computer Science and Engineering, Vellore Institute of Technology, Vellore, India

    Pramod Kumar Maurya

  3. Institute of IR 4.0, The National University of Malaysia, 43600, UKM, Bangi, Malaysia

    Ali Ahmadian

  4. School of Mathematical Science, Wenzhou-Kean University, Wenzhou, China

    Ali Ahmadian

  5. Institute for Mathematical Research, Universiti Putra Malaysia, Seri Kembangan, 43400, UPM, Malaysia

    Muhammad Rezal Kamel Ariffin

Authors
  1. Mohd Shariq
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Karan Singh
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Pramod Kumar Maurya
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ali Ahmadian
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Muhammad Rezal Kamel Ariffin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohd Shariq.

Ethics declarations

Conflict of Interests

The authors declare that they have no competing interests.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Shariq, M., Singh, K., Maurya, P.K. et al. URASP: An ultralightweight RFID authentication scheme using permutation operation. Peer-to-Peer Netw. Appl. 14, 3737–3757 (2021). https://doi.org/10.1007/s12083-021-01192-5

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12083-021-01192-5

Keywords

Search

Navigation