Abstract
This work aims to identify the algebraic problems which enable many attacks on RFID protocols. Toward this goal, three emerging types of attacks on RFID protocols, concerning authentication, untraceability, and secrecy are discussed. We demonstrate the types of attacks by exhibiting previously unpublished vulnerabilities in several protocols and referring to various other flawed protocols.
The common theme in these attacks is the fact that the algebraic properties of operators employed by the protocols are abused. While the methodology is applicable to any operator with algebraic properties, the protocols considered in this paper make use of xor, modular addition, and elliptic curve point addition.
Chapter PDF
Similar content being viewed by others
References
Dolev, D., Yao, A.: On the security of public key protocols. IEEE Transactions on Information Theory IT-29(2), 198–208 (1983)
Lowe, G.: A hierarchy of authentication specifications. In: CSFW, pp. 31–44 (1997)
van Deursen, T., Mauw, S., Radomirović, S.: Untraceability of RFID Protocols. In: Onieva, J.A., Sauveron, D., Chaumette, S., Gollmann, D., Markantonakis, K. (eds.) WISTP 2008. LNCS, vol. 5019, pp. 1–15. Springer, Heidelberg (2008)
Avoine, G.: Adversary model for radio frequency identification. Technical Report LASEC-REPORT-2005-001, Swiss Federal Institute of Technology (EPFL), Security and Cryptography Laboratory (LASEC), Lausanne, Switzerland (September 2005)
Juels, A., Weis, S.: Defining strong privacy for RFID. In: IEEE International Conference on Pervasive Computing and Communications – PerCom 2007, New York, USA, pp. 342–347. IEEE Computer Society Press, Los Alamitos (2007)
Vaudenay, S.: On privacy models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)
Damgård, I., Pedersen, M.Ø.: RFID security: Tradeoffs between security and efficiency. In: Malkin, T.G. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 318–332. Springer, Heidelberg (2008)
Paise, R.I., Vaudenay, S.: Mutual authentication in RFID: Security and privacy. In: ACM Symposium on Information, Computer and Communications Security (ASIACCS 2008), pp. 292–299. ACM Press, New York (2008)
Chien, H.Y., Chen, C.H.: Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Computer Standars & Interfaces, Elsevier Science Publishers 29(2), 254–259 (2007)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J., Ribagorda, A.: Cryptanalysis of a novel authentication protocol conforming to EPC-C1G2 standard (2007)
Lee, Y.K., Batina, L., Verbauwhede, I.: EC-RAC (ECDLP based randomized access control): Provably secure RFID authentication protocol. In: Proceedings of the 2008 IEEE International Conference on RFID, pp. 97–104 (2008)
Bringer, J., Chabanne, H., Icart, T.: Cryptanalysis of EC-RAC, a RFID identification protocol. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) CANS 2008. LNCS, vol. 5339, pp. 149–161. Springer, Heidelberg (2008)
Chien, H.Y., Huang, C.W.: A lightweight RFID protocol using substring. In: Kuo, T.-W., Sha, E., Guo, M., Yang, L.T., Shao, Z. (eds.) EUC 2007. LNCS, vol. 4808, pp. 422–431. Springer, Heidelberg (2007)
Kim, K.H., Choi, E.Y., Lee, S.M., Lee, D.H.: Secure EPCglobal class-1 gen-2 RFID system against security and privacy problems. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4277, pp. 362–371. Springer, Heidelberg (2006)
Lee, S., Asano, T., Kim, K.: RFID mutual authentication scheme based on synchronized secret information. In: Symposium on Cryptography and Information Security, Hiroshima, Japan (January 2006)
Song, B., Mitchell, C.J.: RFID authentication protocol for low-cost tags. In: Wireless Network Security (WISEC), pp. 140–147 (2008)
van Deursen, T., Radomirović, S.: Attacks on RFID protocols (version 1.0). Cryptology ePrint Archive, Report 2008/310 (July 2008), http://eprint.iacr.org/2008/310
Cremers, C., Mauw, S.: Operational Semantics of Security Protocols. In: Leue, S., Systä, T.J. (eds.) Scenarios: Models, Transformations and Tools. LNCS, vol. 3466, pp. 66–89. Springer, Heidelberg (2005)
Thayer Fàbrega, F., Herzog, J., Guttman, J.: Strand spaces: Why is a security protocol correct? In: Proc. 1998 IEEE Symposium on Security and Privacy, Oakland, California, pp. 66–77 (1998)
Kim, I.J., Choi, E.Y., Lee, D.H.: Secure mobile RFID system against privacy and security problems. In: SecPerU 2007 (2007)
Li, Y., Ding, X.: Protecting RFID communications in supply chains. In: ASIACCS, pp. 234–241 (2007)
Osaka, K., Takagi, T., Yamazaki, K., Takahashi, O.: An efficient and secure RFID security method with ownership transfer. In: Wang, Y., Cheung, Y.-m., Liu, H. (eds.) CIS 2006. LNCS, vol. 4456, pp. 778–787. Springer, Heidelberg (2007)
Yang, J., Park, J., Lee, H., Ren, K., Kim, K.: Mutual authentication protocol for low-cost RFID. In: Handout of the Ecrypt Workshop on RFID and Lightweight Crypto (July 2005)
Juels, A., Weis, S.: Authenticating Pervasive Devices with Human Protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)
Gilbert, H., Robshaw, M., Sibert, H.: An active attack against HB + – a provably secure lightweight authentication protocol (July 2005) (manuscript)
Di Pietro, R., Molva, R.: Information confinement, privacy, and security in RFID systems. In: Biskup, J., López, J. (eds.) ESORICS 2007. LNCS, vol. 4734, pp. 187–202. Springer, Heidelberg (2007)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: M2AP: A minimalist mutual-authentication protocol for low-cost RFID tags. In: Ma, J., Jin, H., Yang, L.T., Tsai, J.J.-P. (eds.) UIC 2006. LNCS, vol. 4159, pp. 912–923. Springer, Heidelberg (2006)
Peris-Lopez, P., Castro, J.C.H., Estévez-Tapiador, J.M., Ribagorda, A.: EMAP: An efficient mutual-authentication protocol for low-cost RFID tags. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4277, pp. 352–361. Springer, Heidelberg (2006)
Peris-Lopez, P., Castro, J.C.H., Estévez-Tapiador, J.M., Ribagorda, A.: LMAP: A real lightweight mutual authentication protocol for low-cost RFID tags. In: Printed handout of Workshop on RFID Security – RFIDSec 2006 (July 2006)
Alomair, B., Lazos, L., Poovendran, R.: Passive attacks on a class of authentication protocols for RFID. In: Nam, K.-H., Rhee, G. (eds.) ICISC 2007. LNCS, vol. 4817, pp. 102–115. Springer, Heidelberg (2007)
Li, T., Wang, G.: Security analysis of two ultra-lightweight RFID authentication protocols. In: IFIP SEC 2007, Sandton, Gauteng, South Africa, IFIP (May 2007)
Vajda, I., Buttyán, L.: Lightweight authentication protocols for low-cost RFID tags. In: Second Workshop on Security in Ubiquitous Computing – Ubicomp 2003, Seattle, WA, USA (October 2003)
Kang, J., Nyang, D.: RFID authentication protocol with strong resistance against traceability and denial of service attacks. In: Molva, R., Tsudik, G., Westhoff, D. (eds.) ESAS 2005. LNCS, vol. 3813, pp. 164–175. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 IFIP International Federation for Information Processing
About this paper
Cite this paper
van Deursen, T., Radomirović, S. (2009). Algebraic Attacks on RFID Protocols. In: Markowitch, O., Bilas, A., Hoepman, JH., Mitchell, C.J., Quisquater, JJ. (eds) Information Security Theory and Practice. Smart Devices, Pervasive Systems, and Ubiquitous Networks. WISTP 2009. Lecture Notes in Computer Science, vol 5746. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03944-7_4
Download citation
DOI: https://doi.org/10.1007/978-3-642-03944-7_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03943-0
Online ISBN: 978-3-642-03944-7
eBook Packages: Computer ScienceComputer Science (R0)