Title: Security analysis of LMAP using AVISPA
Authors: Salekul Islam
Addresses: Computer Science and Engineering Department, United International University, Dhaka 1209, Bangladesh
Abstract: Radio-frequency identification (RFID) is an RFID tag based technology for providing automated identification of both objects and humans. RFID tags have numerous potential applications if a secured authentication and privacy could be provided. An RFID tag is interrogated by a reader to get the identity of the tag along with other information. A mutual authentication between the tag and reader should take place before revealing tag's identification or any other sensitive information to a reader. Lightweight mutual authentication protocol (LMAP) is a low-cost authentication protocol for RFID tags, where tags perform only simple bit-wise operations and readers perform high computational operations. In this paper, we have validated the security properties of LMAP by using an automated, security protocol validation tool, named AVISPA. Two attacks on mutual authentication have been reported by AVISPA. We also analyse how these attacks could be extenuated.
Keywords: RFID tags; radio frequency identification; lightweight mutual authentication protocol; LMAP security; AVISPA; mutual authentication; security protocol analysis; automated validation; attacks.
International Journal of Security and Networks, 2014 Vol.9 No.1, pp.30 - 39
Received: 02 Feb 2013
Accepted: 04 Oct 2013
Published online: 17 Feb 2014 *