Title :
De-synchronization attack on RFID authentication protocols
Author :
Lo, N.W. ; Yeh, Kuo-Hui
Author_Institution :
Dept. of Inf. Manage., Nat. Taiwan Univ. of Sci. & Technol., Taipei, Taiwan
Abstract :
In order to protect privacy of RFID tag against malicious tag tracing activities, many RFID authentication protocols with the secret key update scheme have been proposed to support forward security. These proposals are symmetric key based in common due to the lack of computational resource to perform heavy asymmetric cryptographic operations in low-cost tags. In this paper, we have demonstrated that four RFID authentication protocols are vulnerable to a de-synchronization attack. The secret values shared between any given tag and the backend server can easily be de-synchronized through a series of attack process (or incomplete protocol runs). Our results indicate that these four schemes are naturally limited by their essential design and more rigorous security analyses are accordingly required. In addition, any extension from these four protocols may incur the insecurity owing to the same underlying protocol design.
Keywords :
authorisation; cryptographic protocols; radiofrequency identification; RFID authentication protocol; asymmetric cryptographic operation; desynchronization attack; malicious tag tracing; secret key update scheme; symmetric key; Authentication; Cryptography; Protocols; Radiofrequency identification; Servers; Synchronization; Authentication; De-synchronization attack; Privacy; RFID; Security;
Conference_Titel :
Information Theory and its Applications (ISITA), 2010 International Symposium on
Conference_Location :
Taichung
Print_ISBN :
978-1-4244-6016-8
Electronic_ISBN :
978-1-4244-6017-5
DOI :
10.1109/ISITA.2010.5649726
