Defending RFID authentication protocols against DoS attacks

“…They designed another version called O-RAP to simplify its operation without providing forward security. However, in 2011, Duc et al [1] pointed out two weaknesses of O-FRAP: (1) it is vulnerable to de-synchronization attack by modifying the last message to a tag to hinder the tag from updating its status; (2) A simple DOS attack on O-FRAP is easy by sending a bogus tag pseudonym to the server, which will exhaustively computes values for each tag in the database to find a match, and thus abuse the computational resources of the server. To improve the security, Duc et al proposed two RFID authentication protocols called O-FRAP + and O-RAP + , where O-FRAP + provided forward security but O-RAP + did not.…”

Section: Introductionmentioning

confidence: 97%

New RFID Authentication Protocol with DOS-attack Resistance

Chien

Lee

Chen³

et al. 2011

2011 IEEE 17th International Conference on Parallel and Distributed Systems

View full text Add to dashboard Cite

Forward security and resistance to denial-of-service (DOS) attack are two critical properties for low-cost Radio Frequency Identification (RFID) systems because low-cost tags are prone to be compromised once they are captured and wireless communications are relatively easier to be manipulated. In 2011, Duc et al. proposed two RFID authentication protocols called O-FRAP + and O-RAP + to enhance the forward security and resistance to DOS attacks. Unfortunately, we find that even if only a single tag is compromised in the O-FRAP + and the O-RAP + , then all the other tags would be vulnerable to DOS attacks. In this paper, we report the weaknesses, analyze the design flaws and propose a new scheme to improve the security. Security analysis and performance evaluation show that the proposed scheme out-performs its counterparts.

show abstract

“…Another RFID mutual authentication protocol called O-FRAP was proposed in [18]. In this protocol, each tag and the server share a key (K) and a pseudonym (r) which are updated in every session.…”

Section: Related Workmentioning

confidence: 99%

“…Moreover, some recent research focused on the security side and ignored performance [7,8,13,12,11,17,16,18], which require the server to search all tags in the system in order to identify a single tag.…”

Section: Introductionmentioning

confidence: 99%