PDF(158 KB)
Security analysis of two recently proposed RFID authentication protocols
Chao LV, Hui LI, Jianfeng MA, Meng ZHAO
PDF(158 KB)
PDF(158 KB)
Security analysis of two recently proposed RFID authentication protocols
Radio frequency identification (RFID) systems suffer many security risks because they use an insecure wireless communication channel between tag and reader. In this paper, we analyze two recently proposed RFID authentication protocols. Both protocols are vulnerable to tag information leakage and untraceability attacks. For the attack on the first protocol, the adversary only needs to eavesdrop on the messages between reader and tag, and then perform an XOR operation. To attack the second protocol successfully, the adversary may execute a series of carefully designed challenges to determine the tag’s identification.
radio frequency identification (RFID) protocol / tag information leakage / untraceability attack
| [1] |
Juels A. RFID security and privacy: a research survey. IEEE Journal on Selected Areas in Communications, 2006, 24(2): 381-394
CrossRef
Google scholar
|
| [2] |
Song B, Mitchell C J. RFID Authentication protocol for low-cost tags. In: Proceedings of 1st ACM Conference on Wireless Network Security. 2008, 140-147
|
| [3] |
Song B. RFID tag ownership transfer. In: Proceedings of 4th Workshop on RFID Security. 2008
|
| [4] |
van Deursen T, Radomirović S. Attacks on RFID protocols (version 1.1). Technical report, 2009
|
| [5] |
van Deursen T, Radomirović S. Security of an RFID protocol for supply chains. In: Proceedings of 1st Workshop on Advances in RFID. 2008, 568-573
|
| [6] |
van Deursen T, Mauw S, Radomirović S. Untraceability of RFID protocols. In: Proceedings of the 2nd IFIP WG 11.2 International Conference on Information Security Theory and Practices: Smart Devices, Convergence and Next Generation Networks. 2008, 1-15
|
| [7] |
van Deursen T, Mauw S, Radomirović S, Vullers P. Secure ownership and ownership transfer in RFID systems. In: Proceedings of 14th European Symposium on Research in Computer Security. 2009, 637-654
|
| [8] |
Yu T, Feng Q. A security RFID authentication protocol based on hash function. In: Proceedings of 2009 International Symposium on Information Engineering and Electronic Commerce. 2009, 804-807
|
| [9] |
Chen Y, Lu J, Chen S, Jan J. A low-cost RFID authentication protocol with location privacy protection. In: Proceedings of 5th International Conference on Information Assurance and Security. 2009, 109-113
CrossRef
Google scholar
|
| [10] |
Dolev D, Yao A. On the security of public-key protocols. IEEE Transactions on Information Theory, 1983, 29(2): 198-208
CrossRef
Google scholar
|
| [11] |
Thornton F, Haines B, Das A, Bhargava H, Campbell A. RFID Security. Rockland: Syngress, 2006
|
| [12] |
Berbain C, Billet O, Etrog J, Gilbert H. An efficient forward private RFID protocol. In: Proceedings of 16th ACM Conference on Computer and Communications Security. 2009, 43-53
CrossRef
Google scholar
|
| [13] |
Vaudenay S. On privacy models for RFID. In: Proceedings of 13th International Conference on the Theory and Application of Cryptology and Information Security. 2007, 68-87
|
| [14] |
Juels A, Weis S. Defining strong privacy for RFID. In: Proceedings of 5th Annual IEEE International Conference on Pervasive Computing and Communications Workshops. 2007, 342-347
|
| [15] |
Paise R, Vaudenay S. Mutual authentication in RFID: security and privacy. In: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security. 2008, 292-299
CrossRef
Google scholar
|
| [16] |
Deng R, Li Y, Yung M, Zhao Y. A new framework for RFID privacy. In: Proceedings of 15th European Conference on Research in Computer Security. 2010, 1-18
|
/
| 〈 |
|
〉 |
AI Summary
