Security of RFID Protocols – A Case Study

Deursen, Ton van; Radomirović, Saša

doi:10.1016/j.entcs.2009.07.037

Cited by 19 publications

(19 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The desynchronization attack in [20], based on the modification of nr, cannot go by unnoticed in our protocol. Any modification results in a mismatch with h(ID, P nr ⊕ nt ) at step 2.…”

Section: Case 3: a Protocol Attacked Recentlymentioning

confidence: 99%

“…Finally, the tag updates to ID = h(ID', S nr ⊕ nt ) as well. The first attack launched in [20] was possible because the challenge and response of [19] were not related. Thus, an active attacker sends a nonce to the tag and gets a response that can be replayed later.…”

Section: Case 3: a Protocol Attacked Recentlymentioning

confidence: 99%

“…Therefore, the modification of nt always results in a rejection of the tag's response by the reader. Since there is no S defined in the final step of our protocol, the learning and challenge phases of the traceability attack described in [20] cannot be launched.…”

Section: Case 3: a Protocol Attacked Recentlymentioning

confidence: 99%

“…Any modification results in a mismatch with h(ID, P nr ⊕ nt ) at step 2. The S bit defined in [20] is turned off at the end of the protocol, but still a mechanism is needed to test S in the next run. For preventing desynchronization attacks, the steps and transitions of the exchanges must be monitored by both sides.…”

Section: Case 3: a Protocol Attacked Recentlymentioning

confidence: 99%

“…Both the protocol and the presented security analysis were formally analyzed in [20], using just a hash function with standard techniques yet claiming that strong security is refuted with detailed demonstrations of replay, traceability, and desynchronization attacks. The contribution of our proposed method would be clearly proven if it removes the vulnerabilities of the protocol and makes it resistant to the attacks described in [20].…”

Section: Case 3: a Protocol Attacked Recentlymentioning

confidence: 99%

See 4 more Smart Citations

Increasing key space at little extra cost in RFID authentications

Dalkılıç¹,

Özcanhan²,

Çakir³

2014

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

Traditional authentication and key establishment protocols utilize nonce parameters as a means for message freshness, recent aliveness, and key derivation. Improving identity verification, increasing key space, or making secret updates more complex through nonces are not goals. Generating random numbers as nonces and not making the most out of them can be considered as a loss in resource stricken radio frequency identification (RFID) tags. By increasing the shared secrets slightly, a new functionality for the nonces is introduced, which makes the authentication and key establishment protocols of RFID systems more secure, in general. The proposed method contributes to the security of communication channels by increasing the key space. Attaining better security, with just a slight increase in the shared secrets and the already generated nonces, is beneficial compared to the existing costly, resource-demanding security primitives.

show abstract

“…The desynchronization attack in [20], based on the modification of nr, cannot go by unnoticed in our protocol. Any modification results in a mismatch with h(ID, P nr ⊕ nt ) at step 2.…”

Section: Case 3: a Protocol Attacked Recentlymentioning

confidence: 99%

Section: Case 3: a Protocol Attacked Recentlymentioning

confidence: 99%

Section: Case 3: a Protocol Attacked Recentlymentioning

confidence: 99%

Section: Case 3: a Protocol Attacked Recentlymentioning

confidence: 99%

Section: Case 3: a Protocol Attacked Recentlymentioning

confidence: 99%

See 3 more Smart Citations

Increasing key space at little extra cost in RFID authentications

Dalkılıç¹,

Özcanhan²,

Çakir³

2014

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

show abstract

Practical attacks and improvements to an efficient radio frequency identification authentication protocol

Erguler

Anarım

2011

Concurrency and Computation

View full text Add to dashboard Cite

SUMMARY In 2008, a scalable radio frequency identification (RFID) authentication protocol was proposed by Yanfei Liu to provide security and privacy for RFID tags. This protocol only needs O(1) time complexity to find out the identifier of the RFID tag irrespective of the total number of the tags in the system. Based on our analysis, however, a security flaw, which has gone unnoticed in the design of the protocol, makes the scheme vulnerable to tracking attack, tag impersonation attack, and desynchronization attack, if the attacker has the possibility to tamper with only one RFID tag. Because low‐cost devices are not tamper‐resistant, such an attack could be feasible, and we can apply the resulting attacks on authentication, untraceability, and desynchronization resistance of the protocol. To counteract such flaws, we revise the scheme with a stateful variant and also show that the proposed model requires less tag and server‐side computation. Copyright © 2011 John Wiley & Sons, Ltd.

show abstract

Security analysis of an ultra‐lightweight RFID authentication protocol—SLMAP*

Unsal

Anarım

et al. 2011

Security Comm Networks

View full text Add to dashboard Cite

Computational constraints mostly driven by the cost concerns of radio frequency identification tags only permit to have security schemes that are simple combinations of elementary operations rather than the bullet proven yet computationally intensive cryptographic primitives. As ultra‐lightweight authentication protocols use only basic bitwise and arithmetic operations such as XOR, OR, and addition modulo powers of 2, they are considered as a class of these schemes. Because most of the early proposed ultra‐lightweight authentication protocols are easily broken, it turned out that designing such protocols is a much deeper task than presumed. This study analyzes a modified version of the stable lightweight mutual authentication protocol denoted by SLMAP*. After exploiting an unnoticed flaw in its design rationale, it is shown that some of the freshly produced variables can be assigned to different values for the reader and the tag that presumably causes a desynchronization vulnerability. Copyright © 2011 John Wiley & Sons, Ltd.

show abstract

Security of RFID Protocols – A Case Study

Cited by 19 publications

References 27 publications

Increasing key space at little extra cost in RFID authentications

Increasing key space at little extra cost in RFID authentications

Practical attacks and improvements to an efficient radio frequency identification authentication protocol

Security analysis of an ultra‐lightweight RFID authentication protocol—SLMAP*

Contact Info

Product

Resources

About