• DocumentCode
    2231096
  • Title

    Cryptanalysis of Two Lightweight RFID Authentication Schemes

  • Author

    Defend, Benessa ; Fu, Kevin ; Juels, Ari

  • Author_Institution
    UMass Amherst, MA
  • fYear
    2007
  • fDate
    19-23 March 2007
  • Firstpage
    211
  • Lastpage
    216
  • Abstract
    Vajda and Buttyan proposed several lightweight authentication protocols for authenticating RFID tags to readers, and left open the quantifiable cryptographic strength. Our cryptanalysis answers this open question by implementing and measuring attacks against their XOR and SUBSET protocols. A passive eavesdropper can impersonate a tag in the XOR protocol after observing only 70 challenge-response transactions between the tag and reader. In contrast, the theoretical maximum strength of the XOR protocol could have required 16! * 2 observed transactions to break the key. Our experiments also show that a passive eavesdropper can recover the shared secret used in the XOR protocol by observing an expected 1,092 transactions. Additionally, a nearly optimal active attack against the SUBSET protocol extracts almost one bit of information for each bit emitted by the tag
  • Keywords
    cryptographic protocols; radiofrequency identification; SUBSET protocols; XOR; cryptanalysis; lightweight RFID authentication schemes; lightweight authentication protocols; Access protocols; Authentication; Cryptographic protocols; Cryptography; Data mining; Laboratories; Passive RFID tags; Probability; RFID tags; Radiofrequency identification;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Pervasive Computing and Communications Workshops, 2007. PerCom Workshops '07. Fifth Annual IEEE International Conference on
  • Conference_Location
    White Plains, NY
  • Print_ISBN
    0-7695-2788-4
  • Type

    conf

  • DOI
    10.1109/PERCOMW.2007.34
  • Filename
    4144828
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2231096