Investigating the Performances and Vulnerabilities of Two New Protocols Based on R-RAPSE

TL;DR

This paper analyzes the privacy and security vulnerabilities of two RFID authentication protocols based on R-RAPS, revealing their weaknesses and proposing improved protocols that enhance security and performance.

Contribution

It provides a formal privacy analysis of existing protocols and introduces new, more secure RFID authentication protocols addressing identified vulnerabilities.

Findings

Existing protocols are vulnerable to impersonation, DoS, and traceability attacks.

The proposed protocols eliminate the identified security weaknesses.

The new protocols demonstrate improved efficiency and security.

Abstract

Radio Frequency IDentification (RFID) is a pioneer technology which has depicted a new lifestyle for humanity in all around the world. Every day we observe an increase in the scope of RFID applications and no one cannot withdraw its numerous usage around him/herself. An important issue which should be considered is providing privacy and security requirements of an RFID system. Recently in 2014, Cai et al. proposed two improved RFID authentication protocols based on R-RAPS rules by the names of IHRMA and I2SRS. In this paper, we investigate the privacy of the aforementioned protocols based on Ouafi and Phan formal privacy model and show that both IHRMA and I2SRS protocols cannot provide private authentication for RFID users. Moreover, we showthat these protocols are vulnerable to impersonation, DoS and traceability attacks. Then, by considering the drawbacks of the studied protocols and implementation of messages with new structures, we present two improved efficient and secure authentication protocols to ameliorate the performance of Cai et al schemes. Our analysis illustrate that the existing weaknesses of the discussed protocols are eliminated in our proposed protocols.