A New Secure and Efficient Ownership Transfer Protocol based on Quadric Residue and Homomorphic Encryption

In systems equipped with radio frequency identification (RFID) technology, several security concerns may arise when the ownership of a tag should be transferred from one owner to another, e.g., the confidentiality of information related to the old owner or the new owner. Therefore, this transfer is usually done via a security protocol called the ownership transfer protocol. If the ownership of several things together transmitted from one owner to another during a single session, the protocol is referred to as the group ownership transfer protocol. Lee et al. recently proposed a new group ownership transfer protocol by using cloud server, as a trusted third-party, and based on homomorphic encryption and quadratic residue. In this paper, at first, we explain some important security attacks against this recently proposed RFID group ownership transfer protocol. The success probability of any attack that is presented in this paper is $1$ and the complexity is just a run of the protocol. Zhu et al. also in order to provide simultaneous transfer of group of tags in multi-owner environment proposed a lightweight anonymous group ownership transfer protocol. In this paper, we show that it suffers from desynchronization attack. The success probability of this attack is 1 and its complexity is only five runs of group ownership transfer protocol. In addition, to overcome the Lee \textit{et al.} protocol security weaknesses, we present a new group ownership transfer protocol which is resistant against all known active and passive attacks, including the attacks presented in this paper. The provided security proof through informal methods and also formal methods such as Barrows-Abadi-Needham logic and Scyther tool show the proposed protocol\u27s security correctness

Passive Secret Disclosure Attack on an Ultralightweight Authentication Protocol for Internet of Things

Recently, Tewari and Gupta have proposed an ultralightweight RFID authentication protocol. In this paper, we consider the security of the proposed protocol and present a passive secret disclosure attack against it. The success probability of the attack is `1\u27 while the complexity of the attack is only eavesdropping one session of the protocol. The presented attack has negligible complexity. We simulated our attack and verified its correctness

Generalized Desynchronization Attack on UMAP: Application to RCIA, KMAP, SLAP and SASI+^+ protocols

Tian et al. proposed a permutation based authentication protocol entitled RAPP. However, it came out very soon that it suffers from several security treats such as desynchronization attack. Following RAPP, several protocols have been proposed in literature to defeat such attacks. Among them, some protocols suggested to keep a record of old parameters by both the reader and the tag. In this paper we present a genrilized version of all such protocols, named GUMAP, and present an efficent desynchronization attack against it. The complexity of our attack is 5 consequences sessions of protocol and the success probability is almost 1. Our attack is applicable as it is to recently proposed protocols entitled RCIA, KMAP, SASI$^{+}$ and SLAP. To the best of our knowledge, it is the first report on the vulnerability of these protocols

On the Traceability of Tags in SUAP RFID Authentication Protocols

Widespread adoption of RFID technology in all aspects of our life mainly depends on the fixing the privacy concerns of this technology\u27s customers. Using a tagged object should not lead to existence of the tracing possibility. This concern is a challenging issue that has motivated the researchers to propose several authentication protocols to fix the traceability problem in RFID systems and also provide other security requirements. In this paper, we analyze the security of three authentication protocols which have recently been proposed by Morshed et al. Our security analysis clearly highlights important security pitfalls in these protocols which leads to their vulnerability against traceability. The complexity of the proposed attacks are only several runs of the protocols while the adversary\u27s advantages to trace the tagged object are maximal

On the Security of RFID Anti Cloning Security Protocol(ACSP)

Recently Qian et al. have proposed a new attack for RFID systems, called counting attack, where the attacker just aims to estimate the number of tagged objects instead of steal the tags\u27 private information. They have stated that most of the existing RFID mutual authentication protocols are vulnerable to this attack. To defend against counting attack, they propose a novel Anti-Counting Security Protocol called ACSP. The designers of ACSP have claimed that their protocol is resistant against counting attack and also the other known RFID security threats. However in this paper we present the following efficient attacks against this protocol: 1) Tag impersonation attack: the success probability of attack is 1 while the complexity is two runs of protocol. 2) Two single tag de-synchronization attacks, the success probability of both attacks are 1 while the complexity is at most two runs of protocol. 3)Group of tags de-synchronization attack: this attack, which can de-synchronize all tags in the range at once, has success probability of 1 while its complexity is one run of protocol. 4) Traceability attack: the adversary\u27s advantage in this attack is almost 0.5 , which is almost the maximum of possible advantages for an adversary in the same model. The complexity of attack is three runs of protoco

Security Analysis of Niu et al. Authentication and Ownership Management Protocol

Over the past decade, besides authentication, ownership management protocols have been suggested to transfer or delegate the ownership of RFID tagged items. Recently, Niu et al. have proposed an authentication and ownership management protocol based on 16-bit pseudo random number generators and exclusive-or operations which both can be easily implemented on low-cost RFID passive tags in EPC global Class-1 Generation-2 standard. They claim that their protocol offers location and data privacy and also resists against desynchronization attack. In this paper, we analyze the security of their proposed authentication and ownership management protocol and show that the protocol is vulnerable to secret disclosure and desynchronization attacks. The complexity of most of the attacks are only two runs of the protocol and the success probability of the attacks are almost 1

Cryptanalysis of AZUMI: an EPC Class-1 Generation-2 Standard Compliant RFID Authentication Protocol

In this paper, we analyze the security of AZUMI protocol which is compliant with the EPC-Class-1 Generation-2 standard and recently has been proposed by Peris \textit{et al.} This protocol is an improvement to a protocol proposed by Chen and Deng which has been cryptanalysed by Peris \textit{et al.} and Kapoor and Piramuthu. However, our security analysis clearly shows that the designers were not successful in their attempt to improve the Chen and Deng protocol. More precisely, we present an efficient attack to disclose the tag and the reader secret parameters. In addition, we present a simple tag impersonation attack against this protocol. The success probability of all attacks are almost ``1\u27\u27 and the cost of given attacks are at most eavesdropping two sessions of protocol. However, the given secrets disclosure attack also requires $O(2^{16})$ off-line evaluation of a $PRNG$ function

On the security of Lo et al.’s ownership transfer protocol

Recently Lo et al. have proposed an ownership transfer pro- tocol for RFID objects using lightweight computing operators and claim their protocol provides stronger security robustness and higher perfor- mance efficiency in comparison with existing solutions. However, in this paper we show that their claim unfortunately does not hold. More pre- cisely, we present tag’s secret disclosure attack, new owner’s secret disclo- sure and fraud attack against the Lo et al.’s ownership transfer protocol. The success probability of all attacks is “1” while the complexity is only one run of protocol. Our observation shows that this protocol compro- mise the privacy of the tag and the new owner

Cryptanalysis of Some Protocols for RFID Systems

In this paper we analyze the security of the mutual authentication and ownership transfer protocols which have been recently proposed by Kulseng \textit{et al.} Our analysis demonstrates a variety of attacks against these protocols. We present a secret parameters disclosure attack which discloses any secret parameter between the tag and the reader. Our disclosure attack can be easily used as an impersonation attack against the mutual authentication protocol. In addition, we present an attack that retrieves the $PIN$-value in the ownership transfer protocol, where the $PIN$-value is a parameter that must be kept secret from any party including the owner of the tag. All the attacks presented in this work are passive, have low complexity and have the success probability of 1