Abstract
The communication security of constrained objects such as radio frequency identification (RFID) tags and wireless sensor network (WSN) is very challenging because it is not always possible to use the conventional on-the-shelf solutions for them, due to their limited available power and computational capabilities. To deal with this demand, many security protocols have been developed by the researchers so far. However, in many cases, the later analyses that have been carried out on these protocols have shown that they are vulnerable to one or few attacks, which could be enough to eliminate any application for such protocols. Following this direction, in this article, we analyze the security of four recent ultra-lightweight/lightweight protocols, by presenting important attacks including secret disclosure attack and desynchronization attack against them. To address the shortcoming of the previous protocols, we present a new security protocol based on lightweight block ciphers name it LBCbAP. In this protocol, we use CRAFT as the core security primitive. CRAFT is a tweakable block cipher which has been recently proposed and independent security analysis confirmed its security. Our detailed security analysis of LBCbAP, which is performed both informally and formally through the GNY logic and the Scyther tool, demonstrates its security against various types of attacks including secret disclosure and desynchronization attacks. The cost analysis of the designed protocol and comparison with the related lightweight protocols show that LBCbAP is cost efficient.
Highlights
Internet of Things (IoT) can be used to control a device through an Internet connection
And formally we provide the security proof of the proposed protocol using the GNY logic and the Scyther tool which show that LBCbAP provides desired security against different passive and active attacks such as secret disclosure attack, replay attack, and traceability attack
In this article, we have shown that four recent proposed security protocols for IoT and radio frequency identification (RFID) systems (i.e. KSP, SOVNOKP, LBRAPS and LRSAS) are vulnerable against secret disclosure attack and desynchronization attack
Summary
CUONG TRINH 1, BAO HUYNH 2, JAN LANSKY 3, STANISLAVA MILDEOVA3, MASOUMEH SAFKHANI 4, NASOUR BAGHERI 5,6, SARU KUMARI 7, AND MEHDI HOSSEINZADEH 8,9.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
