Tianjie Cao,Peng Shen,Elisa Bertino

DOI: https://doi.org/10.4304/jcm.3.7.20-27

2008-01-01

Journal of Communications

Abstract:Two effective attacks, namely de-synchronization attack and impersonation attack, against Ha et al.’s LCSS RFID authentication protocol, Song and Mitchell’s protocol are identified. The former attack can break the synchronization between the RFID reader and the tag in a single protocol run so that they can not authenticate each other in any following protocol run. The latter can impersonate a legal tag to spoof the RFID reader by extracting the ID of a specific tag during the authentication process. An impersonation attack against Chen et al.’s RFID authentication scheme is also identified. By sending malicious queries to the tag and collecting the response messages emitted by the tag, the attack allows an adversary to extract the secret information from the tag and further to impersonate the legal tag.

Tianjie Cao,Peng Shen,Elisa Bertino

DOI: https://doi.org/10.1109/isecs.2008.73

2008-01-01

Abstract:To reduce the computational load on both the back-end database and the tags, Ha et al. proposed a low-cost and strong-security (LCSS) RFID authentication protocol. In this paper, we identify two effective attacks, a desynchronization attack and a spoofing attack, against the LCSS protocol. The former attack can break the synchronization between the RFID reader and the tag in a single protocol run so that they can not authenticate each other in any following protocol run. The latter can impersonate a legal tag to spoof the RFID reader by extracting the ID of a specific tag during the authentication process. Moreover, we point out the potential countermeasure by adding an integrity check to improve the security.

H. M. Sun,S. M. Chen,K. H. Wang

2011-01-01

Abstract:There are increasing concerns on the security of RFID usages. Recently, Lu et al. presented ACTION, a privacy preservative authentication protocol for RFID. It is claimed that it achieves high level of security even if a large number of tags is compromised. However, we found that this protocol is vulnerable to two severe attacks : Desynchronizing attacks and Tracking attacks. In this pape r, we present how these two attacks work even if the protocol parameters are moderated.

Jianqing Fu,Chunming Wu,XiaoPing Chen,Rong Fan

DOI: https://doi.org/10.1109/iccet.2010.5485559

2010-01-01

Abstract:Nowadays, the use of Radio Frequency Identification (RFID) systems in industry and stores has increased. Nevertheless, some of these systems present problems that may discourage potential users. Hence, high confidence and efficient privacy protocols are urgently needed. Previous studies to achieve privacy authentication can be grouped into tree-based and synchronization approaches. But all of the tree-based designs are not suitable to large scale RFID systems, and most of the synchronization designs have security flaws. So in this paper, we propose a scalable pseudo random RFID private mutual authentication protocol (SPRA) to archive both scalable and security. The analysis results show that SPRA effectively enhances the security protection for RFID private authentication, and has the authentication efficiency of O(1).

Kai Bu,Junze Bao,Minyu Weng,Jia Liu,Bin Xiao,Xuan Liu,Shigeng Zhang

DOI: https://doi.org/10.1016/j.adhoc.2015.06.006

IF: 4.816

2016-01-01

Ad Hoc Networks

Abstract:Radio-Frequency Identification (RFID) technology has fostered many object monitoring applications. Along with this trend, a corresponding important problem is to verify the intactness of a set of objects using that of their attached tags. Existing solutions necessitate the knowledge of tag identifiers (IDs), sharing the intuition that verifying whether any tag is absent comes after knowing which tags are supposed to be present. Such solutions, however, can hardly live up to the recent vision of anonymous RFID systems that isolate tag IDs from protocols design for privacy concern. In this paper, we take the first leap toward verifying intactness of anonymous RFID systems. We first identify three critical solution requirements—deterministic verification, anonymity preservation, and scalability—for applications tolerating no absence. Without tag IDs as a priori, we propose a series of crypto-free, lightweight protocols that satisfy the requirements. The proposed protocols explore tag-cardinality difference or leverage Direct-Sequence Spread Spectrum enabled RFID. We validate their performance in terms of accuracy, privacy, and scalability through both analytical and simulation results. To cater for applications that tolerate losing some tagged objects, we further explore probabilistic intactness verification to trade tiny accuracy for boosted efficiency.

Tianjie Cao,Yong Zhang

2009-01-01

Journal of Computational Information Systems

Abstract:Three effective attacks, namely impersonation attack, de-synchronization attack and backward tracing attack, against Song and Mitchell's RFID authentication scheme are identified in this paper. The impersonation attack can spoof the reader though a replay attack. The de-synchronization attack can break the synchronization between the RFID reader and the tag so that they can not authenticate each other in any following protocol runs. The backward tracing attack can identify the past interactions of a tag if the attacker knows the tag's present internal stat e. An improved RFID scheme resistant to these attacks is also proposed. © 2009 Binary Information Press August, 2009.

Xiu-qing CHEN,Tian-jie CAO,Yu GUO

DOI: https://doi.org/10.3969/j.issn.1002-137X.2013.11.022

2013-01-01

Computer Science

Abstract:We analyzed the security of RFID authentication protocols recently proposed by Ha et al.Our security analysis clearly highlights important security weakness in this article.More precisely,an adversary analyzes the messages between reader and tag and implements traceability attacks.Then,the adversary performs the passive full-disclosure attacks and discloses the tags' secret.In order to evaluate the performance of traceability attacks,we observed the toy experimental results by running several tests on an implementation of the protocol.Finally,we used the formal model of untraceability,which successfully proves the robustness against tracing attacks and the untraceability of the enhanced scheme.

Xiuqing Chen,Qiang Zhao,Tianjie Cao,Jingxuan Zhai

DOI: https://doi.org/10.14257/ijsia.2015.9.12.16

2015-01-01

International Journal of Security and Its Applications

Abstract:The widespread use of Radio Frequency Identification (RFID) technologies help to trace a large number of commodity and share the tag information in the supply chain system. However, many ownership transfer protocols are subject to various attacks. We analyze the security of two protocols. Even if the designers claim that their protocols are security, we find that their schemes suffer from forward traceability attacks and tracing attacks. In addition, we show that a weak attacker can retrieve the secrets of the tag with a probability 1 in Kardaş et al.’s protocol. To resist against these attacks, we present an improved scheme based on Kardaş et al.’s protocol by adopting the new key-update mechanism. In the end, we show the enhanced versions provides the forward and backward untraceable security properties.

Xiuqing Chen,Tianjie Cao,Robin Doss,Jingxuan Zhai

DOI: https://doi.org/10.1007/s11277-017-4449-z

IF: 2.017

2017-01-01

Wireless Personal Communications

Abstract:Radio Frequency Identification (RFID) technology is expected to play a key role in the Internet of Things (IoT) and has applications in a wide variety of domains ranging from automation to healthcare systems. Therefore, the security and privacy of RFID communication is critical. In this paper, we analyze two recent RFID protocols proposed by researchers. Specifically we show that the ownership transfer protocol proposed by Wang et al., is vulnerable to tracing attacks while the mutual authentication protocol proposed by Cho et al. is vulnerable to key disclosure and backward traceable attacks. We propose secure improvements to these protocols to address the vulnerabilities, and improve the scalability of these schemes making them suitable for large-scale deployments.

Chen Xiuqing,Cao Tianjie,Zhai Jingxuan

DOI: https://doi.org/10.1049/cje.2016.08.013

IF: 1.019

2016-01-01

Chinese Journal of Electronics

Abstract:With the development of Radio frequency identification (RFID) technologies, theoretical study on the protocol's design promotes the increasing reality applications of this product. The protocol designers attach significance to untraceability analysis on key-update RFID authentication protocols. This paper analyzes two RFID authentication protocols in terms of forward untraceability and backward untraceability, which are two necessary conditions for key-update RFID protocols and ownership transfer protocols. This paper introduces impersonation attacks as well as desynchronization attacks to two protocols. This paper presents two enhanced protocols, which can achieve forward untraceability and backward untraceability privacy. This paper shows the outstanding efficiency and security properties of two improved schemes through detailed analysis and comparisons.

Kai Bu,Jia Liu,Bin Xiao,Xuan Liu,Shigeng Zhang

DOI: https://doi.org/10.1109/PADSW.2014.7097801

2014-01-01

Abstract:Radio-Frequency Identification (RFID) technology has fostered many object monitoring systems. Along with this trend, tagged objects' value and privacy become a primary concern. A corresponding important problem is to verify the intactness of a set of tagged objects without leaking tag identifiers (IDs). However, existing solutions necessitate the knowledge of tag IDs. Without tag IDs as a priori, this paper studies intactness verification in anonymous RFID systems. We identify three critical solution requirements, that is, deterministic verification, anonymity preservation, and scalability. We propose Cardiff and Divar, two crypto-free, lightweight protocols that isolate tag IDs from intactness verification and satisfy solution requirements. Cardiff explores tag cardinality as intactness proof while Divar leverages Direct-Sequence Spread Spectrum (DSSS) enabled RFID. Both analytical and simulation results demonstrate that Cardiff and Divar can satisfy the requirements of accuracy, privacy, and scalability.

Jun Wen,Wenhong Tian,Weidong Wang

DOI: https://doi.org/10.1109/ICCCAS.2010.5582037

2010-01-01

Abstract:Radio Frequency Identification (RFID) technologies have been standardized and widely commercially used, but its security problem is a major challenge. This paper presents an efficient authentication approach to prevent tag from eavesdropping by attackers, tracing by illegal reader. It firstly gives a comprehensive discussion of privacy problems, then presents a mutual authentication and encrypts communication mechanism. And a security analysis on withstanding attackers for the RFID approach is given. © 2010 IEEE.

J Yang,Kui Ren,Kwangjo Kim

2005-01-01

Abstract:In the near future, radio frequency identiflcation (RFID) technology is expected to play an important role for object identiflcation as a ubiquitous infrastructure. However, low-cost RFID tags are highly resource-constrained and cannot support its long-term security, so they have potential risks and may violate privacy for their bearers. To remove security vulnerabilities, we propose a robust mutual authentication protocol between a tag and a back-end server for low-cost RFID system that guarantees data privacy and location privacy of tag bearers. Difierent from the previous works (4, 14), our protocol flrstly provides reader authentication and prevent active attacks based on the assumption that a reader is no more a trusted third party and the communication channel between the reader and the back-end server is insecure like wireless channel. Also, the proposed protocol exhibits forgery resistant against simple copy, or counterfeiting prevailing RFID tags. As tags only have hash function and exclusive-or operation, our proposed protocol is very feasible for low-cost RFID system compared to the previous works. The formal proof of correctness of the proposed authentication protocol is given based on GNY logic.

Yongming Jin,Wei Xin,Huiping Sun,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-29253-8_27

2012-01-01

Abstract:RFID tags are now pervasive in our everyday life. They raise a lot of security and privacy issues. Many authentication protocols against these problems assume that the tags can contain a secret key that is unknown to the adversary. However, physical attacks can lead to key exposure and full security breaks. On the other hand, many protocols are only described and analyzed. However, we cannot explain why they are designed like that. Compare with the previous protocols, we first propose a universal RFID authentication protocol and show the principle why the protocol is designed. It can be instantiated for various types and achieve different security properties according to the implementation of the functions. Then we introduce a general prototype of delay-based PUF for low-cost RFID systems and propose a new lightweight RFID authentication protocol based on the general prototype of PUF. The new protocol not only resists the physical attacks and secret key leakage, but also prevents the asynchronization between the reader and the tag. It also can resist the replay attack, man-in-the-middle attack etc. Finally, we show that it is efficient and practical for low-cost RFID systems.

Shiqi Wang,Linsen Li,Gaosheng Chen,Tao Chen,Zeming Wang

DOI: https://doi.org/10.1109/IACS.2017.7921977

2017-01-01

Abstract:As the RFID based Internet of Things (loT) gets worldwide attention, to prepare for the rapidly increasing applications in daily life, various security protocols are proposed. But, these protocols, most of which are limited by the tag processing capacity and dangerous exposure during transmission, could only be applied in certain fields. Previously, Chen and Deng's mutual authentication and privacy protection protocol which conforming EPC Class 1 Generation 2 Standards stands out for low cost as well as little requirements of the tag processing capacity. However, currently reported by others, this system faces up with severe dangers of tracking or cloning tags via impersonating attacks. After scrutiny, we found out that these vulnerabilities lie in the insufficient protections of random numbers, and we reconstruct the request and response based on the original protocol by making message unrepeatable, key elements secret and adding small storage for comparisons. The security of our protocol, proved by Ban logic analysis, is ensured by double protections — secret key pairs and dynamic random numbers. Our comparisons show that our protocol not only is safe under traditional attacks guaranteed by the original protocol but also overcomes impersonating attacks which represents the inherent weakness of information exposure in public.

Zhen Zhang,Shijie Zhou,Zongwei Luo

DOI: https://doi.org/10.1109/icebe.2008.92

2008-01-01

Abstract:Radio frequency identification (RFID) technology has been widely used in ubiquitous infrastructures. On the other hand, the low-cost RFID system has potential risks such as privacy and security problems, which would be a big barrier for the application. First of all, we analyze the current security protocols for the RFID system. To protect user privacy and remove security vulnerabilities, we propose a robust and privacy preserving mutual authentication protocol that is suitable for the low-cost RFID environment. Finally, the correctness of the proposed authentication protocol is proved by the BAN logic.

Jing Li,Zhiping Zhou,Ping Wang

DOI: https://doi.org/10.1109/ccdc.2017.7978502

2017-01-01

Abstract:Through analyzing the security of LMAP protocol, we point out that this protocol is vulnerable to several attacks including the data integrity, reader impersonation and traceability, forward traceability. Based on the above security drawbacks, an improved LAMP protocol is proposed. Aiming at the problem of data integrity, the backend server uses message authentication code to encrypt data information of tag; the reader mixes message generated by tag side to ensure resist impersonation reader attack; the tag side introduces blind factor against traceability attack; in addition, the keys of tags and backend server side can be updated dynamically according to the random number generated by tag side in different authentication cycles, to ensure the forward/backward privacy. The formal proof of correctness of the improved protocol is given based on GNY logic, and shows that the improved protocol resists various attack.

Chien-Ming Chen,Shuai-Min Chen,Xinying Zheng,Lijun Yan,Huaxiong Wang,Hung-Min Sun

2014-01-01

Abstract:RFID technology has become popular in many applications; however, most of the RFID products lack security related functionality due to the hardware limitation of the low-cost RFID tags. In 2009, Chien and Laih proposed an RFID authentication protocol based on error correction codes (ECC) to secure RFID systems with untraceability, which is one of the most critical privacy issues on RFID. In this paper, we demonstrate that their scheme is insecure against two kinds of tracing attacks. We also analyze the success probability of our attacks.

Yun Tian,Gongliang Chen,Jianhua Li

2013-01-01

Abstract:Radio frequency identification (RFID) has a variety of applications and has raised more and more attention. On the other hand, privacy and security problem limits the large-scale use of RFID. The most flexible and effective way to settle this problem is to adopt authentication protocols. However, many proposed RFID authentication protocols have certain weakness. This paper aims to find the possible desynchronization attacks in the design of RFID mutual authentication protocols. We specified the system model and the abilities of adversaries. In order to launch the attack, we proposed the framework of a class of 3-round RFID mutual authentication protocols. It is proved that the protocol will be vulnerable to the desynchronization attack if tag impersonation attack is feasible in the protocol.

Xiuqing Chen -,Tianjie Cao -,Qiao Yu -

DOI: https://doi.org/10.4156/aiss.vol5.issue5.68

2013-01-01

INTERNATIONAL JOURNAL ON Advances in Information Sciences and Service Sciences

Abstract:Radio Frequency Identification (RFID) is a technology designed to automatically identify a myriad of everyday objects and people. Due to widely spread of the RFID applications, some useful message can be attacked by adversaries. Thus, to eliminate the security problem, the security requirements for privacy-preserving RFID authentication protocols are evident. In this paper, we discuss unique manin-the-middle attacks on extending RFID authentication protocols. In particular, we show that the revised protocols which rely on the use of elliptic curve cryptography (ECC), grouping proof and RFID localization algorithms. Furthermore, we demonstrate that the proposed protocols can resist unique man-in-the-middle attacks and replay attacks.