A Fault Analytic Method against HB+

The search for lightweight authentication protocols suitable for low-cost RFID tags constitutes an active and challenging research area. In this context, a family of protocols based on the LPN problem has been proposed: the so-called HB-family. Despite the rich literature regarding the cryptanalysis of these protocols, there are no published results about the impact of fault analysis over them. The purpose of this paper is to fill this gap by presenting a fault analytic method against a prominent member of the HB-family: HB+ protocol. We demonstrate that the fault analysis model can lead to a flexible and effective attack against HB-like protocols, posing a serious threat over them

SLRV: An RFID Mutual Authentication Protocol Conforming to EPC Generation-2 Standard

Having done an analysis on the security vulnerabilities of Radio Frequency Identification (RFID) through a desynchronization and an impersonation attacks, it is revealed that the secret information (i.e.: secret key and static identifier) shared between the tag and the reader is unnecessary. To overcome the vulnerability, this paper introduces Shelled Lightweight Random Value (SLRV) protocol; a mutual authentication protocol with high-security potentials conforming to  electronic product code (EPC) Class-1 Generation-2 Tags, based on lightweight and standard cryptography on the tag’s and reader’s side, respectively. SLRV prunes de-synchronization attacks where the updating of internal values is only executed on the tag’s side and is a condition to a successful mutual authentication. Results of security analysis of SLRV, and comparison with existing protocols, are presented

Vulnerability Analysis of a Mutual Authentication Protocol Conforming to EPC Class-1 Generation-2 Standard

In this paper we scrutinize the security properties of an RFID authentication protocol conforming to the EPC Class-1 Generation-2 standard. The protocol is suitable for Gen-2 passive tags and requires simple computations. The authors claim that the scheme provides privacy protection and authentication and offers resistant against commonly assumed attacks. We propose a de-synchronization and an impersonation attack in which the disclosing of the secret information (i.e. secret key and static identifier) shared between the tag and the reader is unnecessary to success in these attacks

Lightweight mutual authentication, owner transfer, and secure search protocols for RFID systems

RFID technology can potentially be applied almost everywhere. A typical RFID system involves a reader and a number of tags, which may range from the battery-powered ones with Wi-Fi capabilities, to the low-cost ones that are constrained in resources with even no internal power. Keeping RFID systems secure is important, because they are vulnerable to a number of malicious attacks. As for low-cost RFID systems, security problems become much more challenging, as many traditional security mechanisms are inefficient or even impossible due to resource constraints. Some existing solutions utilize traditional cryptographic primitives such as hash or encryption functions, which are often too expensive in hardware to be implemented on low-cost RFID tags. Furthermore, some other lightweight solutions have been reported to be broken, revealing their keys and ID numbers to the attackers. In this thesis, we propose lightweight solutions to Mutual Authentication and Ownership Transfer for RFID systems. Mutual Authentication mitigates the issues of eavesdropping and cloning of tags. Only authenticated readers and tags will successfully communicate with each other. Furthermore, we adapt our Mutual Authentication scheme to secure the Ownership Transfer of RFID tags, which is a pertinent issue in the scope of RFID. When an item passes from one owner to another, it is undesirable for the old owner to be able to access the tag or read data from it. The new user must therefore update the access-granting information without revealing this to the old owner. Tag search is another important functionality that a RFID system should provide. In this thesis, we study how to secure tag search with a focus on low-cost RFID systems for which existing solution is not efficient. These protocols are all realized by utilizing minimalistic cryptography such as Physically Unclonable Functions (PUF) and Linear Feedback Shift Registers (LFSR). PUFs and LFSRs are very efficient in hardware, and provide the low-cost RFID tags with unique characteristics that prevent a multitude of attacks. Compared to existing solutions built on top of hash functions that require 8000 - 10000 gates, our experimental results show that the schemes we propose demand only between 650 - 1400 gates for 64 bit variables and can be easily accommodated by the cheapest RFID tags with only 2000 gates available for security functions

Vulnerability Analysis of a Mutual Authentication Protocol Conforming to EPC Class-1 Generation-2 Standard

In this paper we scrutinize the security properties of an RFID authentication protocol conforming to the EPC Class-1 Generation-2 standard. The protocol is suitable for Gen-2 passive tags and requires simple computations. The authors claim that the scheme provides privacy protection and authentication and offers resistant against commonly assumed attacks. We propose a de-synchronization and an impersonation attack in which the disclosing of the secret information (i.e. secret key and static identifier) shared between the tag and the reader is unnecessary to success in these attacks

Pitfalls in Ultralightweight RFID Authentication Protocol

Radio frequency identification (RFID) is one of the most promising identification schemes in the field of pervasive systems. Non-line of sight capability makes RFID systems more protuberant than its contended systems. Since the RFID systems incorporate wireless medium, so there are some allied security threats and apprehensions from malicious adversaries. In order to make the system reliable and secure, numerous researchers have proposed ultralightweight mutual authentication protocols; which involve only simple bitwise logical operations (AND, XOR & OR etc.) to provide security. In this paper, we have analyzed the security vulnerabilities of state of the art ultralightweight RFID authentication protocol: RAPP. We have proposed three attacks (two DoS and one Desynchronization) in RAPP protocol and challenged its security claims.  Moreover, we have also highlighted some common pitfalls in ultralightweight authentication protocol designs. This will help as a sanity check, improve and longevity of ultralightweight authentication protocol designs