Ömer AYDIN, Gökhan DALKILIÇ, Cem KÖSEMEN

A novel grouping proof authentication protocol for lightweight devices: GPAPXR+

Radio frequency identification (RFID) tags that meet EPC Gen2 standards are used in many fields such as supply chain operations. The number of the RFID tags, smart cards, wireless sensor nodes, and Internet of things devices is increasing day by day and the areas where they are used are expanding. These devices are very limited in terms of the resources they have. For this reason, many security mechanisms developed for existing computer systems cannot be used for these devices. In order to ensure secure communication, it is necessary to provide authentication process between these lightweight devices and the devices they communicate. The authentication process is the first step that allows the parties to trust each other for communication. Moreover, the authentication protocol should allow simultaneous verification of multiple lightweight devices. Therefore, grouping proof authentication protocol is required. In this study, a new grouping proof authentication protocol is developed for lightweight devices. The proposed protocol implemented on wireless identification and sensing platform passive RFID tag, uses embedded advanced encryption standard encryption method to encrypt transmitted data. Security of the protocol was first evaluated and verified theoretically, then by a tool used for automatic verification of security protocols, called Scyther tool.

PDF

___

1] Canniere CD, Dunkelman O, Knezevic M. KATAN and KTANTAN – a family of small and efficient hardware- oriented block ciphers. In: International Workshop on Cryptographic Hardware and Embedded Systems CHES 2009; Lausanne, Switzerland; 2009. pp. 272-288. doi: 10.1007/978-3-642-04138-9_20
[2] Knudsen L, Leander G, Poschmann A, Robshaw MJB. PRINTcipher: a block cipher for ic-printing. In: 12th International Workshop Cryptographic Hardware and Embedded Systems CHES 2010; Santa Barbara, USA; 2010. pp. 16-32. doi: 10.1007/978-3-642-15031-9_2
[3] Guo J, Peyrin T, Poschmann A, Robshaw M. The led block cipher. In: 13th International Workshop Cryptographic Hardware and Embedded Systems CHES 2011, Nara, Japan; 2011. pp. 326-341. doi: 10.1007/978-3-642-23951-9_22
[4] Gong Z, Nikova S, Law YW. A new family of lightweight block ciphers. In: Juels A, Paar C (editors) RFID. Security and Privacy. RFIDSec 2011. Lecture Notes in Computer Science, vol 7055. Berlin, Heidelberg: Springer, 2012. pp. 1-18. doi: 10.1007/978-3-642-25286-0_1
[5] Shibutani K, Isobe T, Hiwatari H, Mitsuda A, Akishita T et al. Piccolo:an ultra-lightweight blockcipher. In: International Workshop on Cryptographic Hardware and Embedded Systems CHES 2011: Cryptographic Hardware and Embedded Systems; Nara, Japan; 2011. pp. 342–357. doi: 10.1007/978-3-642-23951-9_23
[6] Wu W, Zhang L. LBlock: a lightweight block cipher. In: International Conference on Applied Cryptography and Network Security ACNS 2011: Applied Cryptography and Network Security; Nerja, Spain; 2011. pp. 327–344. doi: 10.1007/978-3-642-21554-4_19
[7] Beaulieu R, Shors D, Smith J, Treatman-Clark S, Weeks B et al. The SIMON and SPECK families of lightweight block ciphers. In: 2015 52nd ACM/EDAC/IEEE Design Automation Conference (DAC); San Francisco, CA, USA; 2015. doi: 10.1145/2744769.2747946
[8] Bogdanov A, Knezevic M, Leander G, Toz D, Varıcı K et al. SPON-GENT: a lightweight hash function. In: International Workshop on Cryptographic Hardware and Embedded Systems CHES 2011: Cryptographic Hardware and Embedded Systems; Nara, Japan; 2011. pp. 312-325. doi: 10.1007/978-3-642-23951-9_21
[9] Guo J, Peyrin T, Poschmann A. The PHOTON family of lightweight hash functions. In: Annual Cryptology Conference CRYPTO 2011: Advances in Cryptology; Santa Barbara, CA, USA; 2011. pp. 222–239. doi: 10.1007/978- 3-642-22792-9_13
[10] Aumasson JP, Henzen L, Meier W, Naya-Plasencia M. Quark: a lightweight hash. Journal of Cryptology 2013; 26(2): 313-339. doi: 10.1007/s00145-012-9125-6
11] Lee JY, Lin WC, Huang YH. A lightweight authentication protocol for internet of things. In: 2014 International Symposium on Next-Generation Electronics (ISNE); New York, USA; 2014. pp. 1-2.
[12] Özcanhan MH, Dalkılıç G. Mersenne twister-based RFID authentication protocol. Turkish Journal of Electrical Engineering & Computer Sciences 2015; 23: 231-254. doi: 10.3906/elk-1212-95
[13] Armknecht F, Hamann M, Mikhalev V. Lightweight authentication protocols on ultra-constrained RFIDs-myths and facts. In: International Workshop on Radio Frequency Identification: Security and Privacy Issues; 2015. pp. 1-18. Springer, Cham.
[14] Marsaglia G. Xorshift RNGs. Journal of Statistical Software 2003; 8(14): 1-6. doi: 10.18637/jss.v008.i14
[15] Vigna S. Further scramblings of Marsaglia’s xorshift generators. Journal of Computational and Applied Mathematics 2017; 315: 175-181. doi: 10.1016/j.cam.2016.11.006
[16] Çabuk UC, Aydın Ö, Dalkılıç G. A random number generator for lightweight authentication protocols: xorshiftR+. Turkish Journal of Electrical Engineering & Computer Sciences 2017; 25(6): 4818-4828. doi: 10.3906/elk-1703-361
[17] Bassham LE. A Statistical Test Suite for Random and Pseudorandom Number Generators for Cryptographic Applications. NIST Special Publication 800-22rev1a. Gaithersburg, MD, USA: NIST, 2010.
[18] Rukhin A, Soto J, Nechvatal J, Smid M, Barker E et al. A statistical test suite for random and pseudorandom number generators for cryptographic applications. NIST Special Publication NIST SP 800-22 Rev 1a, Gaithersburg, MD, USA: NIST, 2010.
[19] Barker E, Kelsey J. Recommendation for Random Number Generation Using Deterministic Random Bit Generators. NIST Special Publication 800-90A. Gaithersburg, MD, USA: NIST, 2012.
[20] Turan MS, Barker E, Kelsey J, McKay KA, Baish ML et al. Recommendation for the Entropy Sources Used for Random Bit Generation. NIST Special Publication 800-90B Second Draft. Gaithersburg, MD, USA: NIST, 2016.
[21] Barker E, Kelsey J. Recommendation for Random Bit Generator (RBG) Constructions. NIST Special Publication 800-90C Second Draft. Gaithersburg, MD, USA: NIST, 2016.
[22] L’Ecuyer P, Simard R. TestU01: A Software Library in ANSI C for Empirical Testing of Random Number Generators User’s Guide Document. Montreal, Canada: University of Montreal, 2014.
[23] Cremers C. The scyther tool: verification, falsification, and analysis of security protocols. In: International Con- ference on Computer Aided Verification CAV 2008: Computer Aided Verification; Princeton, NJ, USA; 2008. pp. 414-418. doi: 10.1007/978-3-540-70545-1_38
[24] Rostampour S, Bagheri N, Hosseinzadeh M, Khademzadeh A. An authenticated encryption based grouping proof protocol for RFID systems. Security and Communication Networks 2016; 9(18): 5581-5590. doi: 10.1002/sec.1718.
[25] İbrahim A, Dalkılıç G. An advanced encryption standard powered mutual authentication protocol based on el- liptic curve cryptography for RFID, proven on WISP. Journal of Sensors 2017; 1: 1-10. Article ID 2367312. doi: 10.1155/2017/2367312
[26] Zhou Z, Liu P, Liu Q, Wang G. An ECC-based off-line anonymous grouping-proof protocol. In: Wang G, Atiquz- zaman M, Yan Z, Choo KK (editors) Security, Privacy, and Anonymity in Computation, Communication, and Storage. SpaCCS. Lecture Notes in Computer Science 10656. Cham: Springer, 2017, pp. 186-200. doi: 10.1007/978- 3-319-72389-1_16
[27] Liew WT, Tsai KY, Luo JN, Yang MH. Novel designated ownership transfer with grouping proof. In: 2017 IEEE Conference on Dependable and Secure Computing; Taipei, Taiwan; 2017. pp. 433-440. doi: 10.1109/DESEC.2017.8073863
[28] Zhang W, Qin S, Wang S, Wu L, Yi B. A new scalable lightweight grouping proof protocol for RFID systems. Wireless Personal Communications 2018; 103: 133-143. doi: 10.1007/s11277-018-5430-1
[29] Zhou Z, Liu P, Liu Q, Wang G. An anonymous offline RFID grouping-proof protocol. Future Internet 2018; 10(2): 1-15. doi:10.3390/fi1001000
[30] Tsai KY, Luo JN, Yang MH, Liew WT. Novel designated ownership transfer with grouping proof. Applied Sciences 2019; 9(4): 1-19. doi:10.3390/app9040724
[31] Luo JN, Yang MH. A Secure Partial RFID Ownership Transfer Protocol with Multi-Owners. Sensors 2020; 20(1): 1-18. doi: 10.3390/s20010022
[32] GS1. EPCTM Radio-Frequency Identity Protocols Generation-2 UHF RFID Specification for RFID Air Interface. Lawrenceville, NJ, USA: GS1 EPCglobal Inc, 2013.
[33] EPCGlobal GS1. EPC™ radio-frequency identity protocols generation-2 UHF RFID specification for RFID air interface protocol for communications at 860 MHz – 960 MHz version 2.0.1 ratified; 2015, pp. 1-152.
[34] Aydın Ö. Enhancing Security in RFID. PhD, Dokuz Eylül University, İzmir, Turkey, 2019.
[35] Dolev D, Yao A. On the security of public key protocols. IEEE Transactions on Information Theory 1983; 29(2): 198-208.
[36] Duan S, Mjølsnes SF, Tsay JK. Security analysis of the terrestrial trunked radio (TETRA) authentication protocol. In: Norwegian Information Security Conference; Stavanger; 2013. pp. 1-12.
[37] Rathore R, Hussain M. Simple, secure, efficient, lightweight and token based protocol for mutual authentication in wireless sensor networks. In: Shetty NR, Prasad NH, Nalini N (editors) Emerging Research in Computing, Information, Communication and Applications ERCICA 2015. New Delhi, India: Springer, 2015, pp. 451-462. doi: 10.1007/978-81-322-2550-8_43