Wireless Personal Communications

, Volume 107, Issue 1, pp 695–705 | Cite as

Security Analysis and Improvement on CG+ Protocol

  • Lijun GaoEmail author


Radio frequency identification (RFID) technology will become one of the most popular technologies to identify objects in the near future. However, the major barrier that the RFID system is facing presently is the security and privacy issue. In this paper, we are focus on the Caballero-Gil+ protocol which is a mutual authentication RFID security protocol to conform the EPC-C1G2 standard. Fereidoun Moradi analyzed the CG protocol deeply and gave two attack methods. Then they put forward to a CG+ protocol to resist existing attacks, and claimed that the CG+ protocol has high security and the hardware cost is within acceptable limits. However, research shows that the CG+ protocol is not as security as the author said. We propose a de-synchronization attack and a secret key guessing attack scheme to against the CG+ protocol. Finally, we improve the CG+ protocol and propose a Caballero-Gil++ protocol to overcome the weaknesses of the replay attack and guess attack. Mathematical analysis shows that the CG++ protocol has high security.


RFID Lightweight mutual authentication protocol De-synchronization attack EPC-C1G2 



This work was partially supported by the Aerospace Science Foundation under Grant Nos. 20158054008 and 20148001001.


  1. 1.
    Sarma, S. E., et al. (2003). RFID systems and security and privacy implications. In Proceedings of 4th international work-shop on cryptographic hardware and em bedded systems (pp. 454–469).Google Scholar
  2. 2.
    Ohkubo, M., et al. (2004). Hash-chain based for-ward-secure privacy protection scheme for low-cost RFID. In Proceedings of symposium on cryptography and in-formation security (pp. 149–153).Google Scholar
  3. 3.
    Molnar, D., & Wagner, D. (2004). Privacy and security in library RFID: issues, practices, and architectures. In Proceedings of 11th ACM conference on computer and communications security (pp. 1–19).Google Scholar
  4. 4.
    Rhee, K. (2005). Challenge-response based RFID authentication protocol for distributed database environment. In Proceedings of 2nd international conference on security in pervasive computing (pp. 309–316).Google Scholar
  5. 5.
    Hopper, N. J., & Blum, M. (2001). Secure human identification protocols. In Proceedings of Advances in cryptology—ASIACRYPT2001 (pp. 52–66).Google Scholar
  6. 6.
    Blurn, A., et al. (1993). Cryptographie primitives based on hard learning problems. In Proceedings of advances in cryptology-CRYPTO (pp. 278–291).Google Scholar
  7. 7.
    Gilbert, H., et al. (2005). An active attack against HB+: a provably secure lightweight protocol. Electronics Letters, 41, 1169–1170.CrossRefGoogle Scholar
  8. 8.
    Bringer, J., et al. (2006). HB++: A lightweight authentication protocol secure against some attacks. In Proceedings of the IEEE international conference on pervasive services workshop on security (pp. 28–33).Google Scholar
  9. 9.
    Peris-Lopez, P. (2006). M2AP: A minimalist mutual-authentication protocol for low-cost RFID tags. In Proceedings of the third int’l conference on ubiquitous intelligence and computing (pp. 1–12).Google Scholar
  10. 10.
    Peris-Lopez, P. P., et al. (2006). EMAP: An efficient mutual authentication protocol for low-cost RFID tags. In Proceedings of OTM workshops (pp. 352–361).Google Scholar
  11. 11.
    Peris-Lopez, P. P., et al. (2006). LMAP: A real lightweight mutual authentication protocol for low-cost RFID tags. In Proceedings of the second workshop RFID security (pp. 1–12).Google Scholar
  12. 12.
    Chien, H. Y. (2007). SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transaction of Dependable and Secure Computing, 4, 337–340.CrossRefGoogle Scholar
  13. 13.
    Sun, H. M., et al. (2011). On the security of Chien’s ultralightweight RFID authentication protocol. IEEE Transactions on Dependable and Secure Computing, 8(2), 315–317.CrossRefGoogle Scholar
  14. 14.
    Peris-Lopez, P., et al. (2009). Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. In Proceedings of the information security applications: 9th international workshop (pp. 56–68).Google Scholar
  15. 15.
    G. A. Eslamamal, et al., Lightweight Mutual Authentication Protocol for Low Cost RFID Tags, International Journal of Network Security & Its Applications, 2010, pp. 27-37.Google Scholar
  16. 16.
    Chen, Y., Chou, J. S., & Sun, H. M. (2008). A novel mutual authentication scheme based on quadratic residues for RFID systems. Computer Networks, 52(12), 2373–2380.CrossRefzbMATHGoogle Scholar
  17. 17.
    Yeh, T. C., Wu, C. H., & Tseng, Y. M. (2011). Improvement of the RFID authentication scheme based on quadratic residues. Computer Communications, 34(3), 337–341.CrossRefGoogle Scholar
  18. 18.
    Paar, C. (2010). Lightweight cryptography and RFID: Tackling the hidden overhead. KSII Transactions on Internet and Information Systems, 4(2), 98–116.Google Scholar
  19. 19.
    O’Neill, M., & Robshaw, M. J. B. (2010). Low-cost digital signature architecture suitable for radio frequency identification tags. Computers & Digital Techniques, 4(1), 14–26.CrossRefGoogle Scholar
  20. 20.
    Qin, W., Chen, K., & Bai, Y. (2000). A new Rabin signature scheme. Journal of Software, 11(10), 1333–1337.Google Scholar
  21. 21.
    Wei, L., Dong, Q., & Ding, W. (2013). A low-cost PKC-based RFID mutual authentication protocol. Telecommunications Science, 29(10), 65–71.Google Scholar
  22. 22.
    Caballero-Gil, C., Caballero-Gil, P., Peinado-Domínguez, A., et al. (2011). Lightweight authentication for RFID used in VANETs. In Proceedings of the international conference on computer aided systems theory (pp. 493–500). Berlin: Springer.Google Scholar
  23. 23.
    Moradi, F., Mala, H., & Ladani, B. T. (2015). Security analysis and strengthening of an RFID lightweight authentication protocol suitable for VANETs. Wireless Personal Communications, 83(4), 2607–2621.CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Department of Computer Science and TechnologyShenyang Aerospace UniversityShenyangChina

Personalised recommendations