SAPWSN: A Secure Authentication Protocol for Wireless Sensor Networks

With the advancement of RFID systems, there is a need for secure RFID authentication that can provide security against a variety of attacks, so designing a perfectly safe protocol has become a security challenge. The most remarkable security challenges may be information leakage, traceability, and tag impersonation. Several researchers have attempted to address this security demand by proposing ultra-lightweight solutions that use only very low-cost operations such as bit-wise operations. However, approximately all of the presented previous ultra-lightweight authentication schemes are vulnerable to a variety of attacks. For this purpose, Chiou and Chang recently proposed an EPC Class 1 Gen-2-based RFID authentication protocol and claimed it is resistant against replay attacks and also other known active and passive attacks. They also stated that their proposed protocol does not require features such as a secure channel, time parameters, or virtual IDs. In this paper, we will investigate the security of the Chiou and Chang authentication scheme and demonstrate that it is completely insecure. Specifically, we will present the security faults of this scheme. In addition, we will present an enhanced protocol called SAPWSN. The proposed protocol presents precise authentication and highly secure transfers. We demonstrate the proposed protocol's security in the formal and informal methods. In the formal method, we use the Compromise version of Scyther tool.