Security analysis of ultra-lightweight cryptographic protocol for low-cost RFID tags: Gossamer protocol

Zeeshan Bilal*, Ashraf Masood, Firdous Kausar

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference contribution

55 Citations (Scopus)


Gossamer protocol has been recently published to achieve mutual authentication in low-cost RFID tags. This protocol is considered to fall in ultra-lightweight class as it incorporates simple and low cost operations. Most of the earlier proposals in this class were exposed soon after their publication. Common weaknesses included use of Triangular functions and improper use of logic operators. Gossamer protocol used two non-triangular functions a) ROTbits and b) MIXbits. These functions provide confusion and diffusion properties and are implemented as cheaper operations. Thus, this protocol can be used for EPCglobal Class-1 Generation-2 standard (considered as universal standard for low-cost tags). This protocol is able to overcome existing weaknesses and is considered to be more attractive for low-capability devices as compared to earlier protocols of this class. In this paper, we analyze the security features provided by Gossamer protocol. The vulnerabilities discovered during this analysis reveal that different attacks including denial of service, memory and computation exhaustive, de-synchronization, replay, attack on data integrity and IDS (index pseudonym) collision are possible. As a consequence, we propose a new mutual authentication protocol keeping in mind the constraints and making use of the existing operations without addition of any expensive one. The analysis of the proposed protocol shows that it is resistant to all the attacks possible in case of Gossamer protocol. A comparative security analysis shows that proposed protocol provides better security features with a small compromise of communication overheads. Two additional public messages are exchanged between the reader and the tag to address the vulnerabilities present in Gossamer protocol.

Original languageEnglish
Title of host publicationNBiS 2009 - 12th International Conference on Network-Based Information Systems
Number of pages8
Publication statusPublished - 2009
Externally publishedYes
EventNBiS 2009 - 12th International Conference on Network-Based Information Systems - Indianapolis, IN, United States
Duration: Aug 19 2009Aug 21 2009

Publication series

NameNBiS 2009 - 12th International Conference on Network-Based Information Systems


ConferenceNBiS 2009 - 12th International Conference on Network-Based Information Systems
Country/TerritoryUnited States
CityIndianapolis, IN


  • Mutual authentication
  • Synchronized
  • Ubiquitous computing
  • Ultra-lightweight cryptography

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems

Cite this