TY - JOUR ID - 438 TI - Game-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags JO - AUT Journal of Electrical Engineering JA - EEJ LA - en SN - 2588-2910 AU - Baghery, K. AU - Abdolmaleki, B. AU - Emadi, M. J. AD - MSc Student, Department of Electrical Engineering, Shahed University, Tehran, Iran AD - Assistant Professor, Department of Electrical Engineering, Amirkabir University of Technology, Tehran, Iran Y1 - 2014 PY - 2014 VL - 46 IS - 1 SP - 27 EP - 36 KW - Internet of Things KW - RFID authentication protocols KW - Security and Privacy KW - Ouafi-Phan Privacy Model KW - EPC C1 G2 Standard DO - 10.22060/eej.2014.438 N2 - The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and the privacy of a new RFID authentication protocol proposed by Shi et al. in 2014. We prove that although Shi et al. have tried to present a secure and untraceable authentication protocol, their protocol still suffers from several security and privacy weaknesses which make it vulnerable to various security and privacy attacks. We present our privacy analysis based on a well-known formal privacy model which is presented by Ouafi and Phan in 2008. Moreover, to stop such attacks on the protocol and increase the performance of Shi et al.’s scheme, we present some modifications and propound an improved version of the protocol. Finally, the security and the privacy of the proposed protocol were analyzed against various attacks.  UR - https://eej.aut.ac.ir/article_438.html L1 - https://eej.aut.ac.ir/article_438_692104c490b02f7f411555f1bb4735e6.pdf ER -