Quasi-Linear Cryptanalysis of a Secure RFID Ultralightweight Authentication Protocol

Peris-López, Pedro; Hernández-Castro, Julio; Phan, Raphaël C.‐W.; Tapiador, Juan E.; Li, Tieyan

doi:10.1007/978-3-642-21518-6_30

Cited by 12 publications

(5 citation statements)

References 12 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Most of the previous UMAPs [1,5,6,9,12,[14][15][16][17][20][21][22] have similar pitfalls in their designs and are hence vulnerable against various cryptanalysis attacks [2,7,8,10,11,13,18,19,[23][24][25][26][27][28][29][30][31][32][33]. This raises the need of a new more sophisticated UMAP, which should overcome all the previously highlighted problems in cost effective manner.…”

Section: Literature Reviewmentioning

confidence: 99%

A New Ultralightweight RFID Mutual Authentication Protocol: SASI Using Recursive Hash

Mujahid

Najam-ul-Islam

Jafri

et al. 2016

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

RFID is one of the most prominent identification schemes in the field of pervasive systems. Nonline of sight capability makes RFID systems much better choice than its contended systems (such as barcode, magnetic tape, etc.). Since the RFID uses wireless channel for communication with its associated devices, there should be some optimal encryption methods to secure the communicating data from adversaries. Several researchers have proposed ultralightweight mutual authentication protocols (UMAPs) to secure the RFID systems in cost effective manner. Unfortunately most of the previously proposed UMAPs are later found to be vulnerable against various desynchronization, Denial of Service (DoS), traceability, and full disclosure attacks. In this paper, we present a more sophisticated UMAP to provide Strong Authentication and Strong Integrity (SASI) using recursive hash function. The proposed protocol incorporates only simple bitwise logical operators XOR, Rot, and nontriangular function (recursive hash) in its design, which can be efficiently implemented with a low cost passive RFID tag. The performance analysis of the protocol proves the conformation of the proposed protocol with EPC-C1G2 passive tags. In addition to privacy and security, small chip area (miniaturization) is another design constraint (which is mandatory requirement for a protocol to be considered as ultralightweight authentication protocol). We have also proposed and implemented the efficient hardware design of the proposed protocol for EPC-C1G2 tags. Both the FPGA and ASIC implementation flows have been adopted. The FPGA flow is primarily used to validate the functionality of the proposed hardware design whereas ASIC flow (using TSMC 0.35 μm library) is used to validate the gate count. To the best of our knowledge, this is the first FPGA and ASIC implementation of any ultralightweight RFID authentication protocol.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

A New Ultralightweight RFID Mutual Authentication Protocol: SASI Using Recursive Hash

Mujahid

Najam-ul-Islam

Jafri

et al. 2016

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

show abstract

“…The first attacks presented by Peris-Lopez et al [15] in 2010, were traceability and passive full disclosure of ID, which requires eavesdropping of an average of 250 sessions. In 2012, Avoine et al presented a passive full disclosure of ID on this protocol which requires eavesdropping of an average of 25 sessions [1].…”

Section: Historymentioning

confidence: 99%

Recursive Linear and Differential Cryptanalysis of Ultralightweight Authentication Protocols

Ahmadian

Salmasizadeh

Aref

2013

IEEE Trans.Inform.Forensic Secur.

View full text Add to dashboard Cite

Abstract-Privacy is faced to serious challenges in the ubiquitous computing world. In order to handle this problem, some researches in recent years have focused on design and analysis of privacy friendly ultralightweight authentication protocols. In less than a decade, many ultralightweight authentication protocols are proposed. Though, successful crypanalyses are proposed for almost all of them, most of these attacks are based on ad-hoc methods that are not extensible to a large class of ultralightweight protocols. So this research area still suffers from the lack of structured cryptanalysis and evaluation methods. In this paper, we introduce new frameworks for full disclosure attacks on ultralightweight authentication protocols based on new concepts of recursive linear and recursive differential cryptanalysis. Both of them exploit triangular functions in ultralightweight protocols and recover all secret data stored in the tag in a recursive manner. The recursive linear attack is applied to Yeh et al. and SLMAP authentication protocols. This attack is passive, deterministic (i.e. the attacker can retrieve all the secrets with probability of one), and requires only a single authentication session. The recursive differential attack is more powerful and can be applied to the protocols which linear attack may not work on. We show the effectiveness of this attack on LMAP ++ and SASI authentication protocols. This differential attack is probabilistic, active in the sense that the attacker suffices only to block some specific messages, and requires a few authentication sessions.

show abstract

“…Contrary to Yeh et al .’s claims, the scheme suffers from traceability and full disclosure attacks as shown by Peris‐López et al. ().…”

Section: Related Workmentioning

confidence: 99%

A genetic tango attack against the David–Prasad RFID ultra‐lightweight authentication protocol

et al. 2012

Self Cite

View full text Add to dashboard Cite

show abstract

Quasi-Linear Cryptanalysis of a Secure RFID Ultralightweight Authentication Protocol

Cited by 12 publications

References 12 publications

A New Ultralightweight RFID Mutual Authentication Protocol: SASI Using Recursive Hash

A New Ultralightweight RFID Mutual Authentication Protocol: SASI Using Recursive Hash

Recursive Linear and Differential Cryptanalysis of Ultralightweight Authentication Protocols

A genetic tango attack against the David–Prasad RFID ultra‐lightweight authentication protocol

Contact Info

Product

Resources

About