• Journal of Information Processing Systems
• /
• v.7 no.4
• /
• pp.691-706
• /
• 2011

Since security and privacy problems in RFID systems have attracted much attention, numerous RFID authentication protocols have been suggested. One of the various design approaches is to use light-weight logics such as bitwise Boolean operations and addition modulo $2^m$ between m-bits words. Because these operations can be implemented in a small chip area, that is the major requirement in RFID protocols, a series of protocols have been suggested conforming to this approach. In this paper, we present new attacks on these lightweight RFID authentication protocols by using the Gr$\ddot{o}$bner basis. Our attacks are superior to previous ones for the following reasons: since we do not use the specific characteristics of target protocols, they are generally applicable to various ones. Furthermore, they are so powerful that we can recover almost all secret information of the protocols. For concrete examples, we show that almost all secret variables of six RFID protocols, LMAP, $M^2AP$, EMAP, SASI, Lo et al.'s protocol, and Lee et al.'s protocol, can be recovered within a few seconds on a single PC.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.1C
• /
• pp.24-33
• /
• 2012

Recently, the ultra-lightweight authentication RFID protocol that can actually implement on the RFID Tag is one among authentication protocols getting a concern, but recently many problems were clarified of the feature becase of the protocol which doesn't use the security algorithm. In this paper, we analyzed the problem of the ultra-lightweight authentication protocols and propose the design of ultra-lightweight RFID authentic ation protocols improving the index processing techniques. Because of improving the index processing technique in the method sending the Server authentication message to the authenticated tag, the proposed protocol is strong against the active attack which Li presents. Besides, the proposed protocol has the buffer storage of the keys and index and is strong against the asynchronous attack.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.05a
• /
• pp.789-792
• /
• 2009

As RFID technology is becoming ubiquitous, the secunty of these systems gets much attention. Its fields of usage include personal identification, supply-chain management systems, and many more. Many kinds of RFID tags are available on the market which differ both in storage, and computational capacity. Since by standard IT means all the tags have small capacities, the security mechanisms which are in use in computer networks are not suitable. For expensive tags with relatively large computational capacities many secure communication protocols were developed, for cheap low-end tags, only a few lightweight protocols exist. In this paper we introduce our solution, which is based on the least computation demanding operator, the exclusive or function. By introducing two tags instead of one in the RFID system, our scheme provides security solutions which are comparable with those provided by the lightweight protocols. In the meantime, our scheme does not demand any computational steps to be made by the ta.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.3
• /
• pp.1212-1228
• /
• 2016

Secure communication is an important aspect of today's interconnected environments and it can be achieved by the use of cryptographic algorithms and protocols. However, many existing cryptographic mechanisms are tightly integrated into communication protocols. Issues emerge when security vulnerabilities are discovered in cryptographic mechanisms because their replacement would eventually require replacing deployed protocols. The concept of cryptographic agility is the solution to these issues because it allows dynamic switching of cryptographic algorithms and keys prior to and during the communication. Most of today's secure protocols implement cryptographic agility (IPsec, SSL/TLS, SSH), but cryptographic agility mechanisms cannot be used in a standalone manner. In order to deal with the aforementioned limitations, we propose a lightweight cryptographically agile agreement model, which is formally verified. We also present a solution in the Agile Cryptographic Agreement Protocol (ACAP) that can be adapted on various network layers, architectures and devices. The proposed solution is able to provide existing and new communication protocols with secure communication prerequisites in a straightforward way without adding substantial communication overhead. Furthermore, it can be used between previously unknown parties in an opportunistic environment. The proposed model is formally verified, followed by a comprehensive discussion about security considerations. A prototype implementation of the proposed model is demonstrated and evaluated.

• IEIE Transactions on Smart Processing and Computing
• /
• v.1 no.2
• /
• pp.95-105
• /
• 2012

The widespread implementation of RFID in ubiquitous computing is constrained considerably by privacy and security unreliability of the wireless communication channel. This failure to satisfy the basic, security needs of the technology has a direct impact of the limited computational capability of the tags, which are essential for the implementation of RFID. Because the universal application of RFID means the use of low cost tags, their security is limited to lightweight cryptographic primitives. Therefore, EPCGen2, which is a class of low cost tags, has the enabling properties to support their communication protocols. This means that satisfying the security needs of EPCGen2 could ensure low cost security because EPCGen2 is a class of low cost, passive tags. In that way, a solution to the hindrance of low cost tags lies in the security of EPCGen2. To this effect, many lightweight authentication protocols have been proposed to improve the privacy and security of communication protocols suitable for low cost tags. Although many EPCgen2 compliant protocols have been proposed to ensure the security of low cost tags, the optimum security has not been guaranteed because many protocols are prone to well-known attacks or fall short of acceptable computational load. This paper proposes a remedy protocol to the flyweight RFID authentication protocol proposed by Burmester and Munilla against a desynchronization attack. Based on shared pseudorandom number generator, this protocol provides mutual authentication, anonymity, session unlinkability and forward security in addition to security against a desynchronization attack. The desirable features of this protocol are efficiency and security.

• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.11 no.1
• /
• pp.121-128
• /
• 2018

Internet of Things architecture connected to the Internet is a technology. However, Many paper research for the lightweight Protocol of IoT Environment. In these Paper excluded secure problem about protocol. So Light weight Protocol has weakness of secure in IoT environment. All of IoT devices need encryption algorithm and authentication message code for certain level of security. However, IoT environment is difficult to using existing security technology. For this reason, Studies for Lightweight IPsec is essential in IoT environment. For Study of Lightweight IPsec, We analyze existing protocols such as IPsec, 6LoWPAN for IEEE 802.15.4 layer and Lightweight IPsec based 6LoWPAN. The result is to be obtained for the lightweight IPsec protocols for IoT environment. This protocol can compatible with Internet network.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.103-113
• /
• 2007

In this paper, we present a security analysis of Lightweight RFID Mutual Authentication Protocols-LMAP[10], $M^2AP$[11], EMAP[12]. Based on simple logic operations, the protocols were designed to be suitable for lightweight environments such as RFID systems. In [8,9], it is shown that these protocols are vulnerable to do-synchronization attacks with a high probability. The authors also presented an active attack that partially reveals a tag's secret values including its ID. In this paper, we point out an error from [9] and show that their do-synchronization attack would always succeed. We also improve the active attack in [9] to show an adversary can compute a tag's ID as well as certain secret keys in a deterministic way. As for $M^2AP$ and EMAP, we show that eavesdropping $2{\sim}3$ consecutive sessions is sufficient to reveal a tag's essential secret values including its ID that allows for tracing, do-synchronization and/or subsequent impersonations.

• Journal of Korea Society of Industrial Information Systems
• /
• v.20 no.4
• /
• pp.11-23
• /
• 2015

In this paper, we propose a communication middleware for development of HACCP(Hazard Analysis and Critical Control Point) automation system, which is composed of lightweight devices and a server, to support effective HACCP data management. To provide the proper HACCP data to lightweight devices, we design the communication message protocol based on HACCP management regulation model. Moreover, we develop the communication middleware that performs various functions, such as processing of communication protocols for HACCP data, analyzing of messages between devices and a server, and providing database managements tools. In addition, it takes a role to guarantee sharing consistent data among the devices and server, through the active updates for information on devices. Actually, the proposed communication middleware can be a part of critical system to develop a HACCP automation system with lightweight devices, because it implements the HACCP communication protocols making lightweight devices execute every HACCP task.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.2
• /
• pp.978-1002
• /
• 2019

With the rapid development of the Internet of Things, the problem of privacy protection has been paid great attention. Recently, Nikooghadam et al. pointed out that Kumari et al.'s protocol can neither resist off-line guessing attack nor preserve user anonymity. Moreover, the authors also proposed an authentication supportive session initial protocol, claiming to resist various vulnerability attacks. Unfortunately, this paper proves that the authentication protocols of Kumari et al. and Nikooghadam et al. have neither the ability to preserve perfect forward secrecy nor the ability to resist key-compromise impersonation attack. In order to remedy such flaws in their protocols, we design a lightweight authentication protocol using elliptic curve cryptography. By way of informal security analysis, it is shown that the proposed protocol can both resist a variety of attacks and provide more security. Afterward, it is also proved that the protocol is resistant against active and passive attacks under Dolev-Yao model by means of Burrows-Abadi-Needham logic (BAN-Logic), and fulfills mutual authentication using Automated Validation of Internet Security Protocols and Applications (AVISPA) software. Subsequently, we compare the protocol with the related scheme in terms of computational complexity and security. The comparative analytics witness that the proposed protocol is more suitable for practical application scenarios.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.8 no.3
• /
• pp.1119-1143
• /
• 2014

Lightweight trust mechanism with lightweight cryptographic primitives has emerged as an important mechanism in resource constraint wireless sensor based mobile devices. In this work, outlier detection in lightweight Mobile Ad-hoc NETworks (MANETs) is extended to create the space of reliable trust cycle with anomaly detection mechanism and minimum energy losses [1]. Further, system is tested against outliers through detection ratios and anomaly scores before incorporating virtual programmable nodes to increase the efficiency. Security in proposed system is verified through ProVerif automated toolkit and mathematical analysis shows that it is strong against bad mouthing and on-off attacks. Performance of proposed technique is analyzed over different MANET routing protocols with variations in number of nodes and it is observed that system provide good amount of throughput with maximum of 20% increase in delay on increase of maximum of 100 nodes. System is reflecting good amount of scalability, optimization of resources and security. Lightweight modeling and policy analysis with lightweight cryptographic primitives shows that the intruders can be detection in few milliseconds without any conflicts in access rights.