Secure Timestamp-Based Mutual Authentication Protocol for IoT Devices Using RFID Tags

Internet of Things (IoT) is playing more and more important roles in our daily lives in the last decade. It can be a part of traditional machine or equipment to daily household objects as well as wireless sensor networks and devices. IoT has a huge potential which is still to be unleashed. However, as the foundation of IoT is the Internet and all the data collected by these devices is over the Internet, these devices also face threats to security and privacy. At the physical or sensor layer of IoT devices the most commonly used technology is RFID. Thus, securing the RFID tag by cryptographic mechanisms can secure our data at the device as well as during communication. This article first discusses the flaws of our previous ultra-lightweight protocol due to its vulnerability to passive secret disclosure attack. Then, the authors propose a new protocol to overcome the shortcomings of our previous work. The proposed scheme uses timestamps in addition to bitwise operation to provide security against de-synchronization and disclosure. This research also presents a security and performance analysis of our approach and its comparison with other existing schemes.