566 research outputs found

    Cryptanalysis of two mutual authentication protocols for low-cost RFID

    Full text link
    Radio Frequency Identification (RFID) is appearing as a favorite technology for automated identification, which can be widely applied to many applications such as e-passport, supply chain management and ticketing. However, researchers have found many security and privacy problems along RFID technology. In recent years, many researchers are interested in RFID authentication protocols and their security flaws. In this paper, we analyze two of the newest RFID authentication protocols which proposed by Fu et al. and Li et al. from several security viewpoints. We present different attacks such as desynchronization attack and privacy analysis over these protocols.Comment: 17 pages, 2 figures, 1 table, International Journal of Distributed and Parallel system

    Ultra-lightweight Mutual Authentication Protocols: Weaknesses and Countermeasures

    Get PDF

    Enhancing the security of RCIA ultra-lightweight authentication protocol by using Random Number Generator (RNG) technique

    Get PDF
    This study is an attempt to enhance the security of Robust Confidentiality, Integrity, and Authentication (RCIA) ultra-lightweight authentication protocols.In the RCIA protocol, IDs value is sent between reader and tag as a constant value.This makes RCIA susceptible to traceability attack which lead to the privacy issue. In order to overcome this problem, Random Number Generator (RNG) technique based on Bitwise operations has been used in the tag side.The idea of this technique is to change the IDs of a tag on every query session so that it will not stay as a constant value.The implementation of Enhanced RCIA has been conducted by using a simulation.The simulation provided the ability to show that the operations of RCIA protocol as to compare with the enhanced RCIA.The outcome shows that the enhanced RCIA outperforms existing one in terms of privacy

    Enhancing the security of RCIA ultra-lightweight authentication protocol by using random number generator (RNG) technique

    Get PDF
    With the growing demand for low-cost Radio Frequency Identification (RFID) system, there is a necessity to design RFID ultra-lightweight authentication protocols to be compatible with the system and also resistant against possible attacks. However, the existing ultra-lightweight authentication protocols are susceptible to wide range of attacks. This study is an attempt to enhance the security of Robust Confidentiality, Integrity, and Authentication (RCIA) ultra-lightweight authentication protocols especially with regard to privacy issue. In the RCIA protocol, IDs value is sent between reader and tag as a constant value. The constant value will enable attacker to trace the location of the tag which violates the privacy users. In order to enhance the security of RCIA protocol, Random Number Generator (RNG) technique has been used. This technique relies on generating random numbers in the tag side, based on Bitwise operations. The idea of this technique is to change the IDs of a tag on every query session so that it will not stay as a constant value. The implementation of Enhanced RCIA has been conducted by using a simulation. The simulation provided the ability to show that the operations of RCIA protocol as to compare with the enhanced RCIA. The outcome shows that the enhanced RCIA outperforms existing one in terms of privacy

    Vulnerability Analysis of a Mutual Authentication Protocol Conforming to EPC Class-1 Generation-2 Standard

    Full text link
    In this paper we scrutinize the security properties of an RFID authentication protocol conforming to the EPC Class-1 Generation-2 standard. The protocol is suitable for Gen-2 passive tags and requires simple computations. The authors claim that the scheme provides privacy protection and authentication and offers resistant against commonly assumed attacks. We propose a de-synchronization and an impersonation attack in which the disclosing of the secret information (i.e. secret key and static identifier) shared between the tag and the reader is unnecessary to success in these attacks
    • …
    corecore