Cryptanalysis of two mutual authentication protocols for low-cost RFID

Radio Frequency Identification (RFID) is appearing as a favorite technology for automated identification, which can be widely applied to many applications such as e-passport, supply chain management and ticketing. However, researchers have found many security and privacy problems along RFID technology. In recent years, many researchers are interested in RFID authentication protocols and their security flaws. In this paper, we analyze two of the newest RFID authentication protocols which proposed by Fu et al. and Li et al. from several security viewpoints. We present different attacks such as desynchronization attack and privacy analysis over these protocols.Comment: 17 pages, 2 figures, 1 table, International Journal of Distributed and Parallel system

Criptografía ligera en dispositivos de identificación por radiofrecuencia- RFID

Esta tesis se centra en el estudio de la tecnología de identificación por radiofrecuencia (RFID), la cual puede ser considerada como una de las tecnologías más prometedoras dentro del área de la computación ubicua. La tecnología RFID podría ser el sustituto de los códigos de barras. Aunque la tecnología RFID ofrece numerosas ventajas frente a otros sistemas de identificación, su uso lleva asociados riesgos de seguridad, los cuales no son fáciles de resolver. Los sistemas RFID pueden ser clasificados, atendiendo al coste de las etiquetas, distinguiendo principalmente entre etiquetas de alto coste y de bajo coste. Nuestra investigación se centra fundamentalmente en estas últimas. El estudio y análisis del estado del arte nos ha permitido identificar la necesidad de desarrollar soluciones criptográficas ligeras adecuadas para estos dispositivos limitados. El uso de soluciones criptográficas estándar supone una aproximación correcta desde un punto de vista puramente teórico. Sin embargo, primitivas criptográficas estándar (funciones resumen, código de autenticación de mensajes, cifradores de bloque/flujo, etc.) exceden las capacidades de las etiquetas de bajo coste. Por tanto, es necesario el uso de criptografía ligera._______________________________________This thesis examines the security issues of Radio Frequency Identification (RFID) technology, one of the most promising technologies in the field of ubiquitous computing. Indeed, RFID technology may well replace barcode technology. Although it offers many advantages over other identification systems, there are also associated security risks that are not easy to address. RFID systems can be classified according to tag price, with distinction between high-cost and low-cost tags. Our research work focuses mainly on low-cost RFID tags. An initial study and analysis of the state of the art identifies the need for lightweight cryptographic solutions suitable for these very constrained devices. From a purely theoretical point of view, standard cryptographic solutions may be a correct approach. However, standard cryptographic primitives (hash functions, message authentication codes, block/stream ciphers, etc.) are quite demanding in terms of circuit size, power consumption and memory size, so they make costly solutions for low-cost RFID tags. Lightweight cryptography is therefore a pressing need. First, we analyze the security of the EPC Class-1 Generation-2 standard, which is considered the universal standard for low-cost RFID tags. Secondly, we cryptanalyze two new proposals, showing their unsuccessful attempt to increase the security level of the specification without much further hardware demands. Thirdly, we propose a new protocol resistant to passive attacks and conforming to low-cost RFID tag requirements. In this protocol, costly computations are only performed by the reader, and security related computations in the tag are restricted to very simple operations. The protocol is inspired in the family of Ultralightweight Mutual Authentication Protocols (UMAP: M2AP, EMAP, LMAP) and the recently proposed SASI protocol. The thesis also includes the first published cryptanalysis of xi SASI under the weakest attacker model, that is, a passive attacker. Fourthly, we propose a new protocol resistant to both passive and active attacks and suitable for moderate-cost RFID tags. We adapt Shieh et.’s protocol for smart cards, taking into account the unique features of RFID systems. Finally, because this protocol is based on the use of cryptographic primitives and standard cryptographic primitives are not supported, we address the design of lightweight cryptographic primitives. Specifically, we propose a lightweight hash function (Tav-128) and a lightweight Pseudo-Random Number Generator (LAMED and LAMED-EPC).We analyze their security level and performance, as well as their hardware requirements and show that both could be realistically implemented, even in low-cost RFID tags

Prevention And Detection Mechanism For Security In Passive Rfid System

Low-cost radio frequency identification (RFID) tags conforming to the EPCglobal Class-1 Generation-2 standard are inherently insecure due to computational constraints. This thesis proposed the use of both prevention and detection mechanisms to solve the security and privacy issues. A lightweight cryptographic mutual authentication protocol which is resistant to tracking, denial of service (DoS) and replay attacks is proposed as a prevention mechanism. The proposed protocol is designed with lightweight cryptographic algorithm, including XOR, Hamming distance, rotation and a modified linear congruential generator (MLCG). The proposed protocol using 64 bits index is proved having the lowest non-unequivocally identification probability. In addition, the randomness of the session key generated from the MLCG is verified using NIST test suite. Besides that, the security of the proposed protocol is validated using the formal analysis tool, AVISPA. The correctness of the proposed protocol is demonstrated in a simulation model developed in JAVA TCP/IP socket. Next, the proposed protocol is implemented in RFID system including IAIK UHF Demo tag, TagSense Nano-UHF reader and back-end database. A GUI is created in a form of JAVA application to display data detected from tag. The proposed protocol implemented in real RFID system outperforms other related protocols because of 13.46 % shorter read time and write time consumed. The system is proved to be able to prevent tracking, DoS, and replay attacks from adversaries with moderate computation requirement compared to other related protocols

Vulnerability Analysis of a Mutual Authentication Protocol Conforming to EPC Class-1 Generation-2 Standard

In this paper we scrutinize the security properties of an RFID authentication protocol conforming to the EPC Class-1 Generation-2 standard. The protocol is suitable for Gen-2 passive tags and requires simple computations. The authors claim that the scheme provides privacy protection and authentication and offers resistant against commonly assumed attacks. We propose a de-synchronization and an impersonation attack in which the disclosing of the secret information (i.e. secret key and static identifier) shared between the tag and the reader is unnecessary to success in these attacks

Vulnerability Analysis of a Mutual Authentication Protocol Conforming to EPC Class-1 Generation-2 Standard

In this paper we scrutinize the security properties of an RFID authentication protocol conforming to the EPC Class-1 Generation-2 standard. The protocol is suitable for Gen-2 passive tags and requires simple computations. The authors claim that the scheme provides privacy protection and authentication and offers resistant against commonly assumed attacks. We propose a de-synchronization and an impersonation attack in which the disclosing of the secret information (i.e. secret key and static identifier) shared between the tag and the reader is unnecessary to success in these attacks

PGMAP: a privacy guaranteed mutual authentication protocol conforming to EPC class 1 gen 2 standards

To resolve the security vulnerabilities and comply with EPC Class 1 Gen 2 UHF RFID (EPC C1G2) Standard at the same time, we present a Privacy Guaranteed Mutual Authentication Protocol (PGMAP). By utilizing the existing functions and memory bank of tag, we amend the processing sequence based on current EPC architecture. An auto-updating index number IDS is enrolled to provide privacy protection to EPC code and a set of light weight algorithms utilizing tag's PRNG are added for authentication. Several attacks to the existing security solutions can be effectively resolved in our protocol. © 2008 IEEE.published_or_final_versionThe IEEE International Conference on e-Business Engineering (ICEBE 2008), Xi'an, China, 22-24 October 2008. In Proceedings of ICEBE, 2008, p. 289-29