Pedro Peris-Lopez,Julio C. Hernandez-Castro,J. M. E. Tapiador,Jan C. A. van der Lubbe

DOI: https://doi.org/10.48550/arXiv.0910.2115

2009-10-12

Abstract:In 2006, Peris-Lopez et al. [1, 2, 3] initiated the design of ultralightweight RFID protocols -with the UMAP family of protocols- involving only simple bitwise logical or arithmetic operations such as bitwise XOR, OR, AND, and addition. This combination of operations was revealed later to be insufficient for security. Then, Chien et al. proposed the SASI protocol [4] with the aim of offering better security, by adding the bitwise rotation to the set of supported operations. The SASI protocol represented a milestone in the design of ultralightweight protocols, although certain attacks have been published against this scheme [5, 6, 7]. In 2008, a new protocol, named Gossamer [8], was proposed that can be considered a further development of both the UMAP family and SASI. Although no attacks have been published against Gossamer, Lee et al. [9] have recently published an alternative scheme that is highly reminiscent of SASI. In this paper, we show that Lee et al.'s scheme fails short of many of its security objectives, being vulnerable to several important attacks like traceability, full disclosure, cloning and desynchronization.

Cryptography and Security

Jianqing Fu,Chunming Wu,XiaoPing Chen,Rong Fan

DOI: https://doi.org/10.1109/iccet.2010.5485559

2010-01-01

Abstract:Nowadays, the use of Radio Frequency Identification (RFID) systems in industry and stores has increased. Nevertheless, some of these systems present problems that may discourage potential users. Hence, high confidence and efficient privacy protocols are urgently needed. Previous studies to achieve privacy authentication can be grouped into tree-based and synchronization approaches. But all of the tree-based designs are not suitable to large scale RFID systems, and most of the synchronization designs have security flaws. So in this paper, we propose a scalable pseudo random RFID private mutual authentication protocol (SPRA) to archive both scalable and security. The analysis results show that SPRA effectively enhances the security protection for RFID private authentication, and has the authentication efficiency of O(1).

Hong Lei,Tianjie Cao

DOI: https://doi.org/10.1109/sitis.2007.51

2007-01-01

Abstract:In this paper, we analyze the security vulnerabilities of SPA, a Strong and lightweight RFID Private Authentication protocol proposed by Li Lu et al. We present an effective de-synchronization attack against the protocol, which permanently disables the authentication capability of a RFID tag by destroying synchronization between the tag and the reader. The de-synchronization attack can be carried out in just two rounds of interaction in SPA. Then we improved their scheme to protect against DoS attack.

Kai Bu,Junze Bao,Minyu Weng,Jia Liu,Bin Xiao,Xuan Liu,Shigeng Zhang

DOI: https://doi.org/10.1016/j.adhoc.2015.06.006

IF: 4.816

2016-01-01

Ad Hoc Networks

Abstract:Radio-Frequency Identification (RFID) technology has fostered many object monitoring applications. Along with this trend, a corresponding important problem is to verify the intactness of a set of objects using that of their attached tags. Existing solutions necessitate the knowledge of tag identifiers (IDs), sharing the intuition that verifying whether any tag is absent comes after knowing which tags are supposed to be present. Such solutions, however, can hardly live up to the recent vision of anonymous RFID systems that isolate tag IDs from protocols design for privacy concern. In this paper, we take the first leap toward verifying intactness of anonymous RFID systems. We first identify three critical solution requirements—deterministic verification, anonymity preservation, and scalability—for applications tolerating no absence. Without tag IDs as a priori, we propose a series of crypto-free, lightweight protocols that satisfy the requirements. The proposed protocols explore tag-cardinality difference or leverage Direct-Sequence Spread Spectrum enabled RFID. We validate their performance in terms of accuracy, privacy, and scalability through both analytical and simulation results. To cater for applications that tolerate losing some tagged objects, we further explore probabilistic intactness verification to trade tiny accuracy for boosted efficiency.

Tianjie Cao,Peng Shen,Elisa Bertino

DOI: https://doi.org/10.1109/isecs.2008.73

2008-01-01

Abstract:To reduce the computational load on both the back-end database and the tags, Ha et al. proposed a low-cost and strong-security (LCSS) RFID authentication protocol. In this paper, we identify two effective attacks, a desynchronization attack and a spoofing attack, against the LCSS protocol. The former attack can break the synchronization between the RFID reader and the tag in a single protocol run so that they can not authenticate each other in any following protocol run. The latter can impersonate a legal tag to spoof the RFID reader by extracting the ID of a specific tag during the authentication process. Moreover, we point out the potential countermeasure by adding an integrity check to improve the security.

Tianjie Cao,Peng Shen,Elisa Bertino

DOI: https://doi.org/10.4304/jcm.3.7.20-27

2008-01-01

Journal of Communications

Abstract:Two effective attacks, namely de-synchronization attack and impersonation attack, against Ha et al.’s LCSS RFID authentication protocol, Song and Mitchell’s protocol are identified. The former attack can break the synchronization between the RFID reader and the tag in a single protocol run so that they can not authenticate each other in any following protocol run. The latter can impersonate a legal tag to spoof the RFID reader by extracting the ID of a specific tag during the authentication process. An impersonation attack against Chen et al.’s RFID authentication scheme is also identified. By sending malicious queries to the tag and collecting the response messages emitted by the tag, the attack allows an adversary to extract the secret information from the tag and further to impersonate the legal tag.

Tianjie Cao,Peng Shen

DOI: https://doi.org/10.6633/ijns.200907.9(1).12

2009-01-01

Abstract:Radio frequency identification (RFID) technologies have many advantages in applications such as object tracking and monitoring, ticketing, supply-chain management, contactless payment systems. However, the RFID system may bring about various security and privacy problems. In this paper we present our security analysis of the LAK protocol and the CWH protocol. First, we show that the LAK protocol cannot resist replay attacks, and there- fore an adversary can impersonate a legal tag. Next, we present a full-disclosure attack on the CWH protocol. By sending malicious queries to a tag and collecting the response messages emitted by the tag, the full-disclosure attack allows an adversary to extract the secret information from the tag.

Kai Bu,Jia Liu,Bin Xiao,Xuan Liu,Shigeng Zhang

DOI: https://doi.org/10.1109/PADSW.2014.7097801

2014-01-01

Abstract:Radio-Frequency Identification (RFID) technology has fostered many object monitoring systems. Along with this trend, tagged objects' value and privacy become a primary concern. A corresponding important problem is to verify the intactness of a set of tagged objects without leaking tag identifiers (IDs). However, existing solutions necessitate the knowledge of tag IDs. Without tag IDs as a priori, this paper studies intactness verification in anonymous RFID systems. We identify three critical solution requirements, that is, deterministic verification, anonymity preservation, and scalability. We propose Cardiff and Divar, two crypto-free, lightweight protocols that isolate tag IDs from intactness verification and satisfy solution requirements. Cardiff explores tag cardinality as intactness proof while Divar leverages Direct-Sequence Spread Spectrum (DSSS) enabled RFID. Both analytical and simulation results demonstrate that Cardiff and Divar can satisfy the requirements of accuracy, privacy, and scalability.

PENG Peng,ZHAO Yi-ming,HAN Wei-li,JIN Bo

DOI: https://doi.org/10.3969/j.issn.1000-3428.2011.16.047

2011-01-01

Abstract:This paper gives a Denial of Service(DoS) attack against the Gossamer protocol,and proposes a novel ultra-lightweight Radio Frequency Identification(RFID) reader-tag mutual authentication protocol.It analyzes the security and efficiency of the protocol,the results show that compared with the SASI protocol and the Gossamer Protocol,the proposed protocol is resistant to the DoS attack and algebra attack,and requires less storage capacity on tags,it is cheaper and securer.

Junyu Wang,Christian Floerkemeier,Sanjay E. Sarma

DOI: https://doi.org/10.1007/s00779-014-0788-x

2014-01-01

Personal and Ubiquitous Computing

Abstract:Radio frequency identification (RFID) is an important technique used for automatic identification and data capture. In recent years, low-cost RFID tags have been used in many open-loop applications beyond supply chain management, such as the tagging of the medicine, clothes, and belongings after the point of sales. At the same time, with the development of semiconductor industry, handheld terminals and mobile phones are becoming RFID-enabled. Unauthorized mobile RFID readers could be abused by the malicious hackers or curious common people. Even for authorized RFID readers, the ownership of the reader can be transferred and the owners of the authorized mobile reader may not be always reliable. The authorization and authentication of the mobile RFID readers need to take stronger security measures to address the privacy or security issues that may arise in the emerging open-loop applications. In this paper, the security demands of RFID tags in emerging open-loop applications are summarized, and two example protocols for authorization, authentication and key establishment based on symmetric cryptography are presented. The proposed protocols adopt a timed-session-based authorization scheme, and all reader-to-tag operations are authorized by a trusted third party using a newly defined class of timed sessions. The output of the tags is randomized to prevent unauthorized tracking of the RFID tags. An instance of the protocol A is implemented in 0.13-μm CMOS technology, and the functions are verified by field programmable gate array. The baseband consumes 44.0 μW under 1.08 V voltage and 1.92 MHz frequency, and it has 25,067 gate equivalents. The proposed protocols can successfully resist most security threats toward open-loop RFID systems except physical attacks. The timing and scalability of the two protocols are discussed in detail.

Xiu-qing CHEN,Tian-jie CAO,Yu GUO

DOI: https://doi.org/10.3969/j.issn.1002-137X.2013.11.022

2013-01-01

Computer Science

Abstract:We analyzed the security of RFID authentication protocols recently proposed by Ha et al.Our security analysis clearly highlights important security weakness in this article.More precisely,an adversary analyzes the messages between reader and tag and implements traceability attacks.Then,the adversary performs the passive full-disclosure attacks and discloses the tags' secret.In order to evaluate the performance of traceability attacks,we observed the toy experimental results by running several tests on an implementation of the protocol.Finally,we used the formal model of untraceability,which successfully proves the robustness against tracing attacks and the untraceability of the enhanced scheme.

H. M. Sun,S. M. Chen,K. H. Wang

2011-01-01

Abstract:There are increasing concerns on the security of RFID usages. Recently, Lu et al. presented ACTION, a privacy preservative authentication protocol for RFID. It is claimed that it achieves high level of security even if a large number of tags is compromised. However, we found that this protocol is vulnerable to two severe attacks : Desynchronizing attacks and Tracking attacks. In this pape r, we present how these two attacks work even if the protocol parameters are moderated.

LUO Zong-wei,ZHOU Shi-jie,Jenny Li

2007-01-01

Abstract:This article has a deep analysis on the potential danger of the Exclusive OR (XOR) and Hash chain based light weight Radio Frequency Edentification (RFID) security protocol brought by some articles. On the base of analysis, combining the traditional security schemes widely used in Internet or existing application systems and some light weight and resource-saving security mechanism, we enhance the lightweight RFID security protocol mentioning above and give a new light weight RFID security protocol. Special attention is focused on the deployment considerations for applying the protocol in real application to avoid the identified potential risk. Full consideration is given to the low cost demands for RFID tags, the power restrictions, and the non-resistant against physical tampering feature, which are common limitations in the RFID system.

J Yang,Kui Ren,Kwangjo Kim

2005-01-01

Abstract:In the near future, radio frequency identiflcation (RFID) technology is expected to play an important role for object identiflcation as a ubiquitous infrastructure. However, low-cost RFID tags are highly resource-constrained and cannot support its long-term security, so they have potential risks and may violate privacy for their bearers. To remove security vulnerabilities, we propose a robust mutual authentication protocol between a tag and a back-end server for low-cost RFID system that guarantees data privacy and location privacy of tag bearers. Difierent from the previous works (4, 14), our protocol flrstly provides reader authentication and prevent active attacks based on the assumption that a reader is no more a trusted third party and the communication channel between the reader and the back-end server is insecure like wireless channel. Also, the proposed protocol exhibits forgery resistant against simple copy, or counterfeiting prevailing RFID tags. As tags only have hash function and exclusive-or operation, our proposed protocol is very feasible for low-cost RFID system compared to the previous works. The formal proof of correctness of the proposed authentication protocol is given based on GNY logic.

Hung-Min Sun,Wei-Chih Ting,King-Hang Wang

DOI: https://doi.org/10.1109/tdsc.2009.26

2009-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Security issues become more and more significant in RFID development. Recently, Chien proposed an ultralightweight RFID authentication protocol in order to achieve privacy and authenticity with limited computation and transmission resources. However, we find two desynchronization attacks to break the protocol. In order to repair the protocol, two patches that slightly modify the protocol are presented in the paper.

Defu Liu,Guowu Yang,Yong Huang,Jinzhao Wu

DOI: https://doi.org/10.1155/2019/2138468

2019-01-01

Wireless Communications and Mobile Computing

Abstract:Authentication protocol verification is a difficult problem. The problem of “state space explosion” has always been inevitable in the field of verification. Using inductive characteristics, we combine mathematical induction and model detection technology to solve the problem of “state space explosion” in verifying the OSK protocol and VOSK protocol of RFID system. In this paper, the security and privacy of protocols in RFID systems are studied and analysed to verify the effectiveness of the combination of mathematical induction and model detection. We design a (r,s,t)-security experiment on the basis of privacy experiments in the RFID system according to the IND-CPA security standard in cryptography, using mathematical induction to validate the OSK protocol and VOSK protocol. Finally, the following conclusions are presented. The OSK protocol cannot resist denial of service attacks or replay attacks. The VOSK protocol cannot resist denial of service attacks but can resist replay attacks. When there is no limit on communication, the OSK protocol and VOSK protocol possess (r,s,t)-privacy; that is to say they can resist denial of service attacks.

Yongming Jin,Huiping Sun,Wei Xin,Song Luo,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-25243-3_6

2011-01-01

Abstract:The wide deployment of RFID systems has raised many concerns about the security and privacy. Many RFID authentication protocols are proposed for these low-cost RFID tags. However, most of existing RFID authentication protocols suffer from some feasible problems. In this paper, we first discuss the feasible problems that exist in some RFID authentication protocols. Then we propose a lightweight RFID mutual authentication protocol against these feasible problems. To the best of our knowledge, it is the first scalable RFID authentication protocol that based on the SQUASH scheme. The new protocol is lightweight and can provide the forward security. In every authentication session, the tag produces the random number and the response is fresh. It also prevents the asynchronization between the reader and the tag. Additionally, the new protocol is secure against such attacks as replay attack, denial of service attack, man-in-the-middle attack and so on. We also show that it requires less cost of computation and storage than other similar protocols.

Zongwei Luo,Terry Chan,Jenny S. Li,Edward Wong,William Cheung,Victor Ng,Wilton Fok

DOI: https://doi.org/10.1109/icebe.2006.49

2006-01-01

Abstract:Radio frequency identification (RFID) technology is expected to become a critical and ubiquitous infrastructure technology of logistics and supply chain management (SCM) related processes and services. Low-cost has been the key to RFID adoption in many logistics/SCM applications. However, the deployment of such tags may create new threats to user privacy due to the powerful track and trace capabilities of the tags, in addition to tag/reader manufacturing challenges. As a result, some security mechanisms must be imposed on the RFID tags for addressing the privacy problems. This paper provides detailed discussion on our proposal of a lightweight RFID security protocol. It examines the features and issues through experimental analysis pertinent to efficiency and scalability to meet the requirements of the proposed security protocol in metering and payment e-commerce applications

Khwaja Mansoor,Anwar Ghani,Shehzad Ashraf Chaudhry,Shahaboddin Shamshirband,Shahbaz Ahmed Khan Ghayyur,Amir Mosavi,Shehzad Chaudhry,Shahbaz Ghayyur

DOI: https://doi.org/10.3390/s19214752

IF: 3.9

2019-11-01

Sensors

Abstract:Despite the many conveniences of Radio Frequency Identification (RFID) systems, the underlying open architecture for communication between the RFID devices may lead to various security threats. Recently, many solutions were proposed to secure RFID systems and many such systems are based on only lightweight primitives, including symmetric encryption, hash functions, and exclusive OR operation. Many solutions based on only lightweight primitives were proved insecure, whereas, due to resource-constrained nature of RFID devices, the public key-based cryptographic solutions are unenviable for RFID systems. Very recently, Gope and Hwang proposed an authentication protocol for RFID systems based on only lightweight primitives and claimed their protocol can withstand all known attacks. However, as per the analysis in this article, their protocol is infeasible and is vulnerable to collision, denial-of-service (DoS), and stolen verifier attacks. This article then presents an improved realistic and lightweight authentication protocol to ensure protection against known attacks. The security of the proposed protocol is formally analyzed using Burrows Abadi-Needham (BAN) logic and under the attack model of automated security verification tool ProVerif. Moreover, the security features are also well analyzed, although informally. The proposed protocol outperforms the competing protocols in terms of security.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Xiuqing Chen,Tianjie Cao,Yu Guo

DOI: https://doi.org/10.12785/amis/080450

2014-01-01

Applied Mathematics & Information Sciences

Abstract:The radio frequency identification (RFID) protocols are vulnerable to va rious attacks from an active or passive adversary. We shed light upon some existing security flaws in these delegation protocols . It is useful to mitigate many security weaknesses in such delegation protocols to promote the acceptance of RFID tags. We propose that a scalable RFID delegation protocol will be against traceability attacks with a stateful variant so that it provides the claimed secu rity requirements. Compared with the previous schemes, we emphasize three critical distinctions in our protocol. First, the reader an d the tag decrease one bitwise XOR of the message and reduce the computational complexity. Second, a solution to reducing the maximum search complexity can be that add two different flags to the tags responses in order to distinguish delegation request from delegation update. Third, the number of exchanged flows during different cases of our revision is same. Finally, the proposed s cheme achieves scalability and untraceability property without leading to a security collision.