SEAP: Secure and efficient authentication protocol for NFC applications using pseudonyms

Abstract

Authentication protocol plays an important role in the short-range wireless communications for the Near Field Communication (NFC) technology. Due to the shared nature of wireless communication networks, there are several kinds of security vulnerabilities. Recently, a pseudonym-based NFC protocol (PBNFCP) has been proposed to withstand the security pitfalls found in the existing conditional privacy preserving security protocol (CPPNFC). However, this paper further analyzes PBNFCP and shows that it still fails to prevent the claimed security properties, such as impersonation attacks against an adversary, who is a malicious registered user having a valid pseudonym and corresponding private key. In order to overcome these security drawbacks, this paper proposes a secure and efficient authentication protocol (SEAP) for NFC applications using lifetime-based pseudonyms. The proposed SEAP is simulated for the formal security verification using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool. The simulation results show that SEAP is secure. The rigorous security and performance analysis shows that the proposed SEAP is secure and efficient as compared to the related existing authentication protocols for NFC applications.