nach oben

The Journal of Supercomputing

Erschienen in:

01.08.2013

Cryptanalysis of the RNTS system

verfasst von: Pablo Picazo-Sanchez, Lara Ortiz-Martin, Pedro Peris-Lopez, Julio Cesar Hernandez-Castro

Erschienen in: The Journal of Supercomputing | Ausgabe 2/2013

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Internet of Things is a paradigm that enables communication between different devices connected to a local network or to Internet. Identification and communication between sensors used in Internet of Things and devices like smart-phones or tablets are established using radio frequency identification technology. However, this technology still has several security and privacy issues because of its severe computational constraints. In 2011, Jeong and Anh proposed the combined use of an authentication radio frequency identification protocol together with a ticket issuing system for bank services (in J. Supercomput. 55:307, 2011). In this paper we show that their message generation is weak, because it abuses the XOR operation and the use of a counter, which leaks too much secret protocol information. Our analysis shows important security faults that ruin most of the security properties claimed in the original paper. More precisely, information privacy (via a disclosure and leakage attack) and location privacy (traceability attack) are both compromised. Moreover, an attacker can disrupt the proper working of the system by exploiting the fact that message integrity is not properly checked.

Vorheriger Artikel A flexible and dynamic page migration infrastructure based on hardware counters

Nächster Artikel Energy-efficient and secure in-network storage and retrieval for WSNs: an adaptive approach

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Corresponding to the first hexadecimal digits of π.

Atzori L, Iera A, Morabito G (2010) The Internet of things: a survey. Comput Netw 54(15):2787–2805 MATHCrossRef

Avoine G, Carpent X, Martin B (2010) Strong authentication and strong integrity (SASI) is not that strong. In: Proceedings of RFIDSec, pp 50–64

Chien H-Y (2007) SASI a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans Dependable Secure Comput 4(4):337–340 CrossRef

Chien H-Y, Huang C-W (2007) Security of ultra-lightweight RFID authentication protocols and its improvements. Oper Syst Rev 41:83–86 CrossRef

Darianian M, Michael MP (2008) Smart home mobile rfid-based Internet-of-things systems and services. In: Proceedings of the 2008 international conference on advanced computer theory and engineering, ICACTE’08, Washington, DC, USA. IEEE Computer Society Press, Los Alamitos, pp 116–120 CrossRef

Feldhofer M, Rechberger C (2006) A case against currently used hash functions in RFID protocols. In: Proceedings of OTM. Lecture notes in computer science, vol 4277. Springer, Berlin, pp 372–381

Haller S, Karnouskos S, Schroth C (2009) Future Internet—fis 2008. In: The Internet of things in an enterprise context. Springer, Berlin, pp 14–28

Hardy GH, Wright EM (1979) An introduction to the theory of numbers, 5th edn. Clarendon Press, Oxford MATH

Jeong C, Ahn K (2011) Efficient RNTS system for privacy of banking off-line customer. J Supercomput 55:307–319 CrossRef

10.

Juels A (2006) RFID security and privacy: a research survey. IEEE J Sel Areas Commun 24(2):381–394 MathSciNetCrossRef

11.

Juels A, Weis SA (2007) Defining strong privacy for RFID. In: Proceedings of PerCom, pp 342–347

12.

Knudsen LR (2000) Block chaining modes of operation. Reports in Informatics N0. 207, Department of Informatics, University of Bergen, Norway (ISSN 0333-3590), October 2000

13.

Lee K (2010) A two-step mutual authentication protocol based on randomized hash-lock for small RFID networks. In: Proceedings of NSS, September 2010, pp 527–533

14.

Michael MP, Darianian M (2008) Architectural solutions for mobile rfid services for the Internet of things. In: Proceedings of the 2008 IEEE congress on services—part I, SERVICES ’08, Washington, DC, USA. IEEE Computer Society Press, Los Alamitos, pp 71–74 CrossRef

15.

Miorandi D, Sicari S, Pellegrini FD, Chlamtac I (2012) Internet of things: vision, applications and research challenges. Ad Hoc Netw 10(7):1497–1516 CrossRef

16.

Moradi A, Poschmann A, Ling S, Paar C, Wang H (2011) Pushing the limits: a very compact and a threshold implementation of AES. In: Proceedings of EUROCRYPT’11, pp 69–88

17.

Syamsuddin I, Dillon T, Chang E, Han S (2008) A survey of RFID authentication protocols based on hash-chain method. In: Proceedings of ICCIT, vol 2. IEEE Press, New York, pp 559–564

18.

Tan L, Wang N (2010) Future Internet: the Internet of things. In: 3rd international conference on advanced computer theory and engineering (ICACTE), vol 5, pp V5–376–V5–380

19.

Weber RH (2010) Internet of things new security and privacy challenges. Comput Law & Secur Rev 26(1):23–30 CrossRef

20.

Welbourne E, Battle L, Cole G, Gould K, Rector K, Raymer S, Balazinska M, Borriello G (2009) Building the Internet of things using rfid: the rfid ecosystem experience. IEEE Internet Comput 13(3):48–55 CrossRef

21.

Yan T, Wen Q (2011) Building the Internet of things using a mobile rfid security protocol based on information technology. In: Jin D, Lin S (eds) Advances in computer science, intelligent system and environment. Advances in intelligent and soft computing, vol 104. Springer, Berlin, pp 143–149 CrossRef

22.

Yeh K-H, Lo N, Winata E (2010) An efficient ultralightweight authentication protocol for RFID systems. In: Proceedings of RFIDSec Asia, pp 49–60

Titel: Cryptanalysis of the RNTS system
verfasst von: Pablo Picazo-Sanchez
Lara Ortiz-Martin
Pedro Peris-Lopez
Julio Cesar Hernandez-Castro
Publikationsdatum: 01.08.2013
Verlag: Springer US
Erschienen in: The Journal of Supercomputing / Ausgabe 2/2013
Print ISSN: 0920-8542
Elektronische ISSN: 1573-0484
DOI: https://doi.org/10.1007/s11227-013-0873-3

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Wirtschaft"

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Weitere Artikel der Ausgabe 2/2013

Secure proxy signature schemes from the Weil pairing

Design and formal verification of a hierarchical cache coherence protocol for NoC based multiprocessors

A flexible and dynamic page migration infrastructure based on hardware counters

An efficient scheduling scheme using estimated execution time for heterogeneous computing systems

A GPU implementation of a structural-similarity-based aerial-image classification

Efficient noise reduction in images using directional modified sigma filter

Premium Partner