Vulnerability Analysis of a Mutual Authentication Protocol Conforming to EPC Class-1 Generation-2 Standard

Mu’awya Naser, Rahmat Budiarto, Ismat Aldmour, Pedro Peris Lopez

Abstract


In this paper we scrutinize the security properties of an RFID authentication protocol conforming to the EPC Class-1 Generation-2 standard. The protocol is suitable for Gen-2 passive tags and requires simple computations. The authors claim that the scheme provides privacy protection and authentication and offers resistant against commonly assumed attacks. We propose a de-synchronization and an impersonation attack in which the disclosing of the secret information (i.e. secret key and static identifier) shared between the tag and the reader is unnecessary to success in these attacks.

References


Kim, M., et al., Forward-backward analysis of RFID-enabled supply chain using fuzzy cognitive map and genetic algorithm. Expert Systems with Applications, 2008. 35(3): p. 1166-1176.

Sun, Q., H. Zhang, and L. Mo, Dual reader wireless protocols for dense active RFID identification. International Journal of Communication Systems, 2011. 24(11): p. 1431-1444.

Cho, K., et al., An extensible and ubiquitous RFID management framework over next generation network. International Journal of Communication Systems, 2009. 23(910): p. 1093-1110.

Kim, S.C., J.S. Cho, and S.K. Kim, Performance improvement of hybrid tag anti collision protocol for radio frequency identification systems. International Journal of Communication Systems, 2012.

Weis, S., et al., Security and privacy aspects of low-cost radio frequency identification systems. Security in Pervasive Computing, 2004: p. 50-59.

Juels, A., RFID security and privacy: A research survey. IEEE Journal on Selected Areas in Communications, 2006. 24(2): p. 381-394.

Lim, C. and T. Korkishko, mCryptontion A lightweight block cipher for security of low-cost RFID tags and Sensors. Information Security Applications, 2006: p. 243-258.

Li, J.S. and K.H. Liu, A hidden mutual authentication protocol for low cost RFID tags. International Journal of Communication Systems, 2011. 24(9): p. 1196-1211.

Yeh, T., et al., Securing RFID systems conforming to EPC Class 1 Generation 2 standard Expert System With Application 2010. 37(4): p. 7678-7683.

Chien, H., SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transactions on Dependable and Secure Computing, 2007. 4(4): p. 337-340.

EPCglobal. Class 1 Generation 2 UHF Air Interface Protocol Standard "Gen 2" Version 1.2.0. 2008 [cited 2010 15th October]; Available from: http://www.epcglobalinc.org/standards/.

Chien, H., SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Transactions on Dependable and Secure Computing, 2007. 4(4): p. 337-340.

Duc, D., et al. Enhancing security of EPCglobal Gen-2 RFID tag against traceability and cloning. in The Symposium on Cryptography and Information Security, 2006. 2006: Citeseer.

Sun, H.-M., W.-C. Ting, and K.-H. Wang, On the Security of Chien's Ultra-Lightweight RFID Authentication Protocol. IEEE Transactions on Dependable and Secure Computing, 2009. 99.

Chien, H.Y. and C.W. Huang, Security of ultra-lightweight RFID authentication protocols and its improvements. ACM SIGOPS Operating Systems Review, 2007. 41(4): p. 86.

Chien, H. Y. and Chen, C. H. Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Computer Standards and Interfaces, 2207. 29: p. 254-259.

Yoon, E.J. Improvement of the Security systems conforming to EPC Class 1 Generation 2 standard. Expert Systems and Applications, 2012. 39: p. 1589-1595.


Full Text: PDF

Refbacks

  • There are currently no refbacks.