Weaknesses of SPRS Authentication Protocol and Present a Developed Protocol for RFID Systems

Authors

1 Assistant Professor, Imam Hossein University, Tehran, Iran

2 Master's degree, Faculty of Electrical Engineering, Shahid University, Tehran, Iran

Abstract

In recent years, cyber security has become one of the main objectives of military organizations. On the
other hand, forces identification, authentication and their security have become one of the basic needs of
military centers. Although data encryption prevents user access to data contents, an attacker can forges
exchanged data by access to communications channels. As a result, providing secure protocols for
authentication systems, to prevent different attacks is very important. In this paper, we cryptanalyze a
mutual RFID authentication protocol (SPRS) that presented in 2013. Unlike climes of the designers of
protocol, we show that their protocol has some weaknesses yet and does not secure against some attacks
such as rival secret values, tag impersonation and tractability. Then, an improved version of SPRS protocol
is proposed that eliminates SPRS weaknesses. Also, the security and the privacy of proposed protocol are
compared with some mutual authentication protocols that proposed recently.

Keywords

References

[1]  E.-C. Australia, “Access control, sensor control, and trans-ponders,” Available on: http://www.rfid.com.au/rfid uhf.htm, 2008.
[2] J.-H. Hoepman, E. Hubbers, B. Jacobs, M. Oostdijk, and R. W. Scherer, “Crossing borders: Security and privacy issues of the European e-passport,” in IWSEC, Springer-Heidelberg, pp. 152-167, 2006. 
[3] “Transport for London, Oyster,” [Online]: Available: http://www.tfl.gov.uk/tickets/27298.aspx. [Accessed 01 02 2014].
[4] D. C. Wyld, “24-Karat protection: RFID and retail jewelry marketing,” International Journal of UbiComp (IJU), vol. 1, no. 1, 2010. 
[5] K. Khedo, D. Sathan, R. Elaheebocus, R. K. Subramanian, and S. D. V. Rughooputh, “Overlapping zone partitioning localization technique for RFID,” International Journal of UbiComp (IJU), vol. 1, no. 2, 2010. 
[6] “EP Cglobal Inc.,” [Online]: Available: http://www.epcglobalinc.org. [Accessed 02 01 2014].
[7] T. C. Yeh, Y. J. Wang, T. C. Kuo, and S. S. Wang, “Securing RFID systems conforming to EPC Class-1 Generation-2 standard,” Expert Systems with Applications, vol. 37, no. 12, pp. 7678-7683, 2010.
[8] E.-J. Yoon, “Improvement of the securing rfid systems conforming to EPC Class 1 Generation 2 standard,” Expert Syst. Appl., vol. 39, no. 11, pp. 1589-1594, 2012. 
[9] F. Xiao, Y. Zhou, J. Zhou, H. Zhu, and X. Niu, “Security Protocol for RFID System Conforming to EPC-C1G2 Standard,” Journal of Computers, vol. 8, no. 3, pp. 605-612, 2013. 
[10] K. Ouafi and R. C.-W. Phan, “Traceable privacy of recent provably-secure RFID protocols,” in ACNS 2008, LNCS 5037, pp. 479–489, 2008. 
Electronic and Cyber Defense
Volume 3, Issue 3 - Serial Number 3
February 2020
Pages 39-48

Files

History

  • Receive Date: 02 December 2014
  • Revise Date: 21 June 2023
  • Accept Date: 19 September 2018
  • Publish Date: 22 November 2015

Share

How to cite

Statistics