nach oben

Wireless Personal Communications

Erschienen in:

08.09.2017

Security Issues in Ultralightweight RFID Authentication Protocols

verfasst von: Xu Zhuang, Yan Zhu, Chin-Chen Chang, Qiang Peng

Erschienen in: Wireless Personal Communications | Ausgabe 1/2018

Einloggen

Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.

search-config

KI-gestützte Suche

Aus

Abstract

Ultralightweight RFID authentication protocols have attracted much attention from both fields of science and industry in recent years due to their high efficiencies and extensive applicability. However, many studies have shown that the published ultralightweight protocols are vulnerable to various kinds of malicious attacks, which generally are empirical analysis based and protocol dependent. A general and comprehensive study of these security issues is still absent. To supplement theory study in this area, this paper propose general attack models of three most serious attacks: de-synchronization attack, replay attack and full disclosure attack, for ultralightweight RFID protocols. To formalize the de-synchronization attack, we define an artificial function named FindIndex to analyze the ability of an ultralightweight RFID protocol to keep its data integrity. The proposed de-synchronization attack can break synchronization between RFID tag and database of most ultralightweight protocols with considerable success rates. Our replay attack demonstrates the uselessness of all existing redundancy mechanisms used to solve problems caused by losing final messages. That means all the protocols adopting redundancy mechanisms that store old secrets in one side or both sides cannot resist the proposed replay attack. Furthermore, we develop full-disclosure attacks for T-function based and rotation based RFID protocols, respectively. The described full-disclosure attacks are quite effective and can reveal some or all secrets in RFID tags. Our study shows the most common design flaws in those RFID protocols so that researchers are still faced with challenges to develop a secure ultralightweight RFID protocol.

Vorheriger Artikel Polarization Planning for Wireless Networks

Nächster Artikel A Fuzzy Congestion Control Protocol Based on Active Queue Management in Wireless Sensor Networks with Medical Applications

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

Jetzt informieren

Nur mit Berechtigung zugänglich

Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2006). LMAP: A real lightweight mutual authentication protocol for low-cost RFID tags. In Proceedings of second workshop RFID security.

Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2006). M²AP: A minimalist mutual-authentication protocol for low-cost RFID tags. In Proceedings of 2006 international conference on ubiquitous intelligence and computing (pp. 912–923).

Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2006). EMAP: An efficient mutual authentication protocol for low-cost RFID tags. In Proceedings of OTM federated conferences and workshop: IS workshop (pp. 352–361).

Li, T., & Wang, G. (2007). SLMAP-A secure ultra-lightweight RFID mutual authentication protocol. In Proceedings of Chinacrypt’07 (pp. 19–22).

Li, T. (2008). Employing lightweight primitives on low-cost RFID tags for authentication. In Proceedings of IEEE vehicular technology conference (VTC’ 08) (pp. 1–5).

Peris-Lopez, P., Hernandez-Castro, J. C., Tapiador, J. M. E., & Ribagorda, A. (2009). An ultra lightweight authentication protocol resistant to passive attacks under the Gen-2 specification. Journal of Information Science and Engineering, 25, 33–57.

Chien, H. Y. (2007). SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transactions on Dependable and Secure Computing, 4(4), 337–340.CrossRef

Yeh, K. H., Lo, N. W., & Winata, E. (2010). An efficient ultralightweight authentication protocol for RFID systems. In Proceedings of RFIDSec Asia 2010, cryptography and information security services (Vol. 4, pp. 49–60).

Lee, Y. C. (2012). Two ultralightweight authentication protocols for low-cost RFID tags. Applied Mathematics and Information Sciences, 6(2), 425–431.MathSciNet

10.

Lee, Y. C., You, P. S., & Chen, T. C. (2009). A new ultralightweight RFID protocol with mutual authentication. In Proceedings of the 2009 WASE international conference on information engineering (Vol. 2, pp. 58–61).

11.

Tian, Y., Chen, G., & Li, J. (2012). A new ultralightweight RFID authentication protocol with permutation. IEEE Communications Letters, 16(4), 702–705.CrossRef

12.

Jeon, I.-S., & Yoon, E. J. (2013). A new ultralightweight RFID authentication protocol using merge and separation operations. International Journal of Mathematical Analysis, 7(52), 2583–2593.CrossRef

13.

Zhuang, X., Wang, Z. H., Chang, C. C., & Zhu, Y. (2013). Security analysis of a new ultra-lightweight RFID protocol and its improvement. Journal of Information Hiding and Multimedia Signal Processing, 4, 166–177.

14.

Klimov, A., & Shamir, A. (2005). New applications of T-functions in block ciphers and hash functions. In Proceedings of FSE’05 (Vol. 3557, pp. 18–31).

15.

Ahmadian, Z., Salmasizadeh, M., & Aref, M. R. (2013). Recursive linear and differential cryptanalysis of ultralightweight authentication protocols. IEEE Transactions on Information Forensics and Security, 8(7), 1140–1151.CrossRef

16.

Phan, R. C. W. (2009). Cryptanalysis of a new ultralightweight RFID authentication protocol-SASI. IEEE Transactions on Dependable and Secure Computing, 6(4), 316–320.CrossRef

17.

Zhuang, X., Zhu, Y., & Chang, C. C. (2014). A new ultralightweight RFID protocol for low-cost tags: R²AP. Wireless Personal Communications, 79(3), 1787–1802.CrossRef

18.

Lo, N. W., Yeh, K.-H., & Chen, H.-Y. (2012). Analysis against secret redundancy mechanism for RFID authentication protocol. In 2012 IEEE international conference on communication, network and satellite (ComNetSat). IEEE.

19.

David, M., & Prasad, N. R. (2009). Providing strong security and high privacy in low-cost RFID networks. In Security and privacy in mobile information and communication systems (pp. 172–179).

20.

Li, T., & Wang, G. (2007). Security analysis of two ultra-lightweight RFID authentication protocols. In Proceedings of 22nd IFIP TC-11 international information security conference (Vol. 232, pp. 109–120).

21.

Li, T., Wang, G., & Deng, R. H. (2008). Security analysis on a family of ultralightweight RFID authentication protocols. Journal of Software, 3(3), 1–10.CrossRef

22.

Hernandex-Castro, J. C., Peris-Lopez, P., Phan, R. C. W., & Tapiador, J. M. E. (2010). Cryptanalysis of the David–Prasad RFID ultralightweight authentication protocol. In Proceedings of 2010 international workshop on radio frequency identification: security and privacy issues (pp. 22–34).

Titel: Security Issues in Ultralightweight RFID Authentication Protocols
verfasst von: Xu Zhuang
Yan Zhu
Chin-Chen Chang
Qiang Peng
Publikationsdatum: 08.09.2017
Verlag: Springer US
Erschienen in: Wireless Personal Communications / Ausgabe 1/2018
Print ISSN: 0929-6212
Elektronische ISSN: 1572-834X
DOI: https://doi.org/10.1007/s11277-017-4895-7

Neuer Inhalt

Bildnachweise

VDI-Icon, Profil Icon, inhalt2, Springer Professional Modul/© Springer Fachmedien Wiesbaden GmbH, Nachhaltigkeitsaward Key Visual/© Cometis AG/Global ESG Monitor | Daniel Rupp | Generiert mit KI, Search Icon, Banner Hanser, Arbeitszeit/© granata68 / Fotolia, E-Autos im Fuhrpark: Lohnt sich das noch?/© Petair / stock.adobe.com, Kryptowährungen/© gopixa / Getty Images / iStock, Zeitschrift Wissensmanagement Cover, PatentFit-Logo/© Springer Fachmedien Wiesbaden GmbH, Sustainibility Finance/© Robert Kneschke / stock.adobe.com / Springer Fachmedien Wiesbaden GmbH, Zukunftswerkstatt Sales Excellence 2024/© AndreyPopov / Getty Images / iStock, 2023_Antrieb/© supervisuell

Springer Professional

Abstract

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Sie haben noch keine Lizenz? Dann Informieren Sie sich jetzt über unsere Produkte:

Springer Professional "Technik"

Springer Professional "Wirtschaft+Technik"

Springer Professional "Wirtschaft"

Weitere Artikel der Ausgabe 1/2018

An Innovative Application of Virus Taxonomy and Nomenclatures in the Information Technology

Experimental Study of the Delay Spread in an Indoor Radiating Cable System

Novel Approach for Cache Update on Multipath DSR Protocol in MANET for QoS Support

Bidirectional Communication in Full Duplex Wireless-Powered Relaying Networks: Time-Switching Protocol and Performance Analysis

PMIPv6 Integrated with MIH for Flow Mobility Management: A Real Testbed with Simultaneous Multi-Access in Heterogeneous Mobile Networks

Relay Node Placement with Assured Coverage and Connectivity: A Jarvis March Approach

Neuer Inhalt

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.

Bitte loggen Sie sich ein, um Zugang zu Ihrer Lizenz zu erhalten.