A Novel Lightweight Block Cipher-Based Mutual Authentication Protocol for Constrained Environments

The communication security of constrained objects such as radio frequency identification (RFID) tags and wireless sensor network (WSN) is very challenging because it is not always possible to use the conventional on-the-shelf solutions for them, due to their limited available power and computational capabilities. To deal with this demand, many security protocols have been developed by the researchers so far. However, in many cases, the later analyses that have been carried out on these protocols have shown that they are vulnerable to one or few attacks, which could be enough to eliminate any application for such protocols. Following this direction, in this article, we analyze the security of four recent ultra-lightweight/lightweight protocols, by presenting important attacks including secret disclosure attack and desynchronization attack against them. To address the shortcoming of the previous protocols, we present a new security protocol based on lightweight block ciphers name it LBCbAP. In this protocol, we use CRAFT as the core security primitive. CRAFT is a tweakable block cipher which has been recently proposed and independent security analysis confirmed its security. Our detailed security analysis of LBCbAP, which is performed both informally and formally through the GNY logic and the Scyther tool, demonstrates its security against various types of attacks including secret disclosure and desynchronization attacks. The cost analysis of the designed protocol and comparison with the related lightweight protocols show that LBCbAP is cost efficient.