Investigating the Performances and Vulnerabilities of Two New Protocols Based on R-RAPSE
This addresses security vulnerabilities in RFID authentication protocols, which is critical for protecting user privacy in real-world applications, though it appears incremental as it builds directly on existing protocols.
The paper investigated two RFID authentication protocols (IHRMA and I2SRS) and found they fail to provide private authentication and are vulnerable to impersonation, DoS, and traceability attacks. The authors then proposed two improved protocols that eliminate these weaknesses while maintaining efficiency.
Radio Frequency IDentification (RFID) is a pioneer technology which has depicted a new lifestyle for humanity in all around the world. Every day we observe an increase in the scope of RFID applications and no one cannot withdraw its numerous usage around him/herself. An important issue which should be considered is providing privacy and security requirements of an RFID system. Recently in 2014, Cai et al. proposed two improved RFID authentication protocols based on R-RAPS rules by the names of IHRMA and I2SRS. In this paper, we investigate the privacy of the aforementioned protocols based on Ouafi and Phan formal privacy model and show that both IHRMA and I2SRS protocols cannot provide private authentication for RFID users. Moreover, we showthat these protocols are vulnerable to impersonation, DoS and traceability attacks. Then, by considering the drawbacks of the studied protocols and implementation of messages with new structures, we present two improved efficient and secure authentication protocols to ameliorate the performance of Cai et al schemes. Our analysis illustrate that the existing weaknesses of the discussed protocols are eliminated in our proposed protocols.