Closed-loop and open-loop authentication protocols for blockchain-based IoT systems

Designers of smart environments based on radio frequency identification devices have a challenging task to build secure mutual authentication protocols. These systems are classified into two major factions which are traditional closed-loop systems, and open-loop systems. To the best of our knowledge, all of the mutual authentication protocols previously introduced for these two categories rely on a centralized database but they fail to address decentralized mutual authentication and their related attacks. Thanks to the blockchain technology, which is a novel distributed technology, in this paper, we propose two decentralized mutual authentication protocols for IoT systems. Our first scheme is utilized for traditional closed-loop RFID systems (called CLAB), and the second one applies to open-loop RFID systems (called OLAB). Meanwhile, we examine the security of the Chebyshev chaotic map-based authentication algorithm and confirm that this algorithm is unprotected against tag and reader impersonation attacks. Likewise, we present a denial of service (DoS), tag impersonation, and reader impersonation attacks against the Chebyshev chaotic-map based protocol when employed in open-loop IoT networks. Moreover, we discover a full secret recovery attack against a recent RFID mutual authentication protocol which is based on blockchain. Finally, we use the BAN-logic method to approve the security characteristics of our CLAB and OLAB proposals.