Title :
Cryptanalysis of the LCSS RFID Authentication Protocol
Author :
Cao, Tianjie ; Shen, Peng ; Bertino, Elisa
Author_Institution :
Sch. of Comput., China Univ. of Min. & Technol., Xuzhou
Abstract :
To reduce the computational load on both the back-end database and the tags, Ha et al. proposed a low-cost and strong-security (LCSS) RFID authentication protocol. In this paper, we identify two effective attacks, a desynchronization attack and a spoofing attack, against the LCSS protocol. The former attack can break the synchronization between the RFID reader and the tag in a single protocol run so that they can not authenticate each other in any following protocol run. The latter can impersonate a legal tag to spoof the RFID reader by extracting the ID of a specific tag during the authentication process. Moreover, we point out the potential countermeasure by adding an integrity check to improve the security.
Keywords :
cryptographic protocols; message authentication; radiofrequency identification; synchronisation; back-end database; cryptanalysis; desynchronization attack; low-cost RFID authentication protocol; spoofing attack; strong-security RFID authentication protocol; Authentication; Computer security; Costs; Cryptographic protocols; Data security; Databases; Electronic commerce; RFID tags; Radio frequency; Radiofrequency identification; Authentication; Cryptanalysis; RFID;
Conference_Titel :
Electronic Commerce and Security, 2008 International Symposium on
Conference_Location :
Guangzhou City
Print_ISBN :
978-0-7695-3258-5
DOI :
10.1109/ISECS.2008.73
