سیویلیکا را در شبکه های اجتماعی دنبال نمایید.

Vulnerabilities and Improvements on HRAP+, a Hash-Based RFID Authentication Protocol

Publish Year: 1393
Type: Journal paper
Language: English
View: 900

This Paper With 6 Page And PDF Format Ready To Download

Export:

Link to this Paper:

Document National Code:

JR_ACSIJ-3-6_008

Index date: 28 February 2015

Vulnerabilities and Improvements on HRAP+, a Hash-Based RFID Authentication Protocol abstract

In the last decade, Radio Frequency Identification (RFID)systems are employed in many authentications and identifications applications. In RFID systems, in order to providesecure authentication between RFID users, different authentication protocols proposed. In 2011, Cho et al. proposeda hash-based mutual RFID authentication protocol(HRAP). They claimed that HRAP protocol provides secure communication between RFID users and also it can provideusers privacy. In that year, Habibi et al. investigated the security and privacy of HRAP protocol and showed that HRAP protocol has some weaknesses. Then, Habibi et al.proposed an improved version of HRAP protocol (HRAP+) that eliminates all weaknesses of HRAP protocol. In thisstudy, we cryptanalyze the HRAP+ protocol and we show that there are some flaws in HRAP+ protocol still. It is shown that, an attacker can perform tag impersonation,server impersonation, and replay attacks with success probability greater than 1 4 . Then, in order to omit all mentionedweaknesses, we propose an improved version of HRAP+ protocol. Security analysis shows that the improved protocol can improve the performance of HRAP+ protocol. In addition,we compare the security of the proposed protocol with some hash-based protocols that proposed recently.

Vulnerabilities and Improvements on HRAP+, a Hash-Based RFID Authentication Protocol Keywords:

Vulnerabilities and Improvements on HRAP+, a Hash-Based RFID Authentication Protocol authors

Seyed Mohammad Alavi

Imam Hossein Comprehensive University Tehran, Iran

Behzad Abdolmaleki

Information Systems and Security Lab (ISSL), Sharif University of Technology Tehran, Iran

Karim Baghery

Information Systems and Security Lab (ISSL), Sharif University of Technology Tehran, Iran