Reconstructing a lightweight security protocol in the radio‐frequency identification systems

Abstract

AbstractNowadays, the Internet of things (IoT) has extensively found its way into everyday life, raising the alarm regarding data security and user privacy. However, IoT devices have numerous limitations that inhibit the implementation of optimal cost‐effective security solutions. In recent years, researchers have proposed a small number of RFID‐based (radio‐frequency identification) security solutions for the IoT. The use of RFID to secure IoT systems is growing rapidly, for it provides small‐scale efficient security mechanisms. Due to the importance of privacy and security in IoT systems, Chuang and Tu have proposed a lightweight authentication protocol using XCor operation. The purpose is to investigate the security of the mentioned protocol and to show the problems of XCor operations used in this protocol. The authors reveal its vulnerability to various attacks, such as tag impersonation, reader impersonation and de−synchronisation attacks. To solve the problems of the Chuang protocol, a secure authentication protocol that uses the lightweight Plr operation is proposed. A formal security analysis of this protocol is performed based on the BAN (Burrows‐Abadi‐Needham) logic. Furthermore, a comparison was drawn between the proposed protocol and the existing similar protocols in terms of performance evaluation. The comparison will reveal that the proposed protocol is both lightweight and highly secure.