779 research outputs found
Cryptanalysis of Some Protocols for RFID Systems
In this paper we analyze the security of the mutual authentication and ownership transfer protocols
which have been recently proposed by Kulseng \textit{et al.} Our analysis demonstrates a variety of
attacks against these protocols. We present a secret parameters disclosure attack which discloses
any secret parameter between the tag and the reader. Our disclosure attack can be easily used as an
impersonation attack against the mutual authentication protocol.
In addition, we present an attack that retrieves the -value in the ownership transfer protocol,
where the -value is a parameter that must be kept secret from any party including the owner of
the tag.
All the attacks presented in this work are passive, have low complexity and have the success probability of 1
Cryptanalysis of two mutual authentication protocols for low-cost RFID
Radio Frequency Identification (RFID) is appearing as a favorite technology
for automated identification, which can be widely applied to many applications
such as e-passport, supply chain management and ticketing. However, researchers
have found many security and privacy problems along RFID technology. In recent
years, many researchers are interested in RFID authentication protocols and
their security flaws. In this paper, we analyze two of the newest RFID
authentication protocols which proposed by Fu et al. and Li et al. from several
security viewpoints. We present different attacks such as desynchronization
attack and privacy analysis over these protocols.Comment: 17 pages, 2 figures, 1 table, International Journal of Distributed
and Parallel system
A Fault Analytic Method against HB+
The search for lightweight authentication protocols suitable for low-cost
RFID tags constitutes an active and challenging research area. In this context,
a family of protocols based on the LPN problem has been proposed: the so-called
HB-family. Despite the rich literature regarding the cryptanalysis of these
protocols, there are no published results about the impact of fault analysis
over them. The purpose of this paper is to fill this gap by presenting a fault
analytic method against a prominent member of the HB-family: HB+ protocol. We
demonstrate that the fault analysis model can lead to a flexible and effective
attack against HB-like protocols, posing a serious threat over them
Pitfalls in Ultralightweight RFID Authentication Protocol
Radio frequency identification (RFID) is one of the most promising identification schemes in the field of pervasive systems. Non-line of sight capability makes RFID systems more protuberant than its contended systems. Since the RFID systems incorporate wireless medium, so there are some allied security threats and apprehensions from malicious adversaries. In order to make the system reliable and secure, numerous researchers have proposed ultralightweight mutual authentication protocols; which involve only simple bitwise logical operations (AND, XOR & OR etc.) to provide security. In this paper, we have analyzed the security vulnerabilities of state of the art ultralightweight RFID authentication protocol: RAPP. We have proposed three attacks (two DoS and one Desynchronization) in RAPP protocol and challenged its security claims. Moreover, we have also highlighted some common pitfalls in ultralightweight authentication protocol designs. This will help as a sanity check, improve and longevity of ultralightweight authentication protocol designs
Ultralightweight Cryptography for passive RFID systems
RFID (Radio Frequency Identification) is one of the most growing technologies among the pervasive systems. Non line of sight capability makes RFID systems much faster than its other contending systems such as barcodes and magnetic taps etc. But there are some allied security apprehensions with RFID systems. RFID security has been acquired a lot of attention in last few years as evinced by the large number of publications (over 3000). In this paper, a brief survey of eminent ultralightweight authentication protocols has been presented & then a four-layer security model, which comprises of various passive and active attacks, has been proposed. Finally, Cryptanalysis of these protocols has also been performed under the implications of the proposed security model
- …