Vulnerabilities and Improvements on HRAP+, a Hash-Based RFID Authentication Protocol
Publish Year: 1393
Type: Journal paper
Language: English
View: 900
This Paper With 6 Page And PDF Format Ready To Download
- Certificate
- I'm the author of the paper
Export:
Document National Code:
JR_ACSIJ-3-6_008
Index date: 28 February 2015
Vulnerabilities and Improvements on HRAP+, a Hash-Based RFID Authentication Protocol abstract
In the last decade, Radio Frequency Identification (RFID)systems are employed in many authentications and identifications applications. In RFID systems, in order to providesecure authentication between RFID users, different authentication protocols proposed. In 2011, Cho et al. proposeda hash-based mutual RFID authentication protocol(HRAP). They claimed that HRAP protocol provides secure communication between RFID users and also it can provideusers privacy. In that year, Habibi et al. investigated the security and privacy of HRAP protocol and showed that HRAP protocol has some weaknesses. Then, Habibi et al.proposed an improved version of HRAP protocol (HRAP+) that eliminates all weaknesses of HRAP protocol. In thisstudy, we cryptanalyze the HRAP+ protocol and we show that there are some flaws in HRAP+ protocol still. It is shown that, an attacker can perform tag impersonation,server impersonation, and replay attacks with success probability greater than 1 4 . Then, in order to omit all mentionedweaknesses, we propose an improved version of HRAP+ protocol. Security analysis shows that the improved protocol can improve the performance of HRAP+ protocol. In addition,we compare the security of the proposed protocol with some hash-based protocols that proposed recently.
Vulnerabilities and Improvements on HRAP+, a Hash-Based RFID Authentication Protocol Keywords:
Vulnerabilities and Improvements on HRAP+, a Hash-Based RFID Authentication Protocol authors
Seyed Mohammad Alavi
Imam Hossein Comprehensive University Tehran, Iran
Behzad Abdolmaleki
Information Systems and Security Lab (ISSL), Sharif University of Technology Tehran, Iran
Karim Baghery
Information Systems and Security Lab (ISSL), Sharif University of Technology Tehran, Iran