Practical Attacks on a RFID Authentication Protocol Conforming to EPC C-1 G-2 Standard
Related papers
Attacks On A Mutual Authentication Scheme Conforming To EPCglobal Class-1 Generation-2 RFID System
EPCglobal introduced the Electronic Product Code (EPC) to identify objects and trace them across a wide network area. EPCglobal and ISO ratified EPC Class-1 Generation-2 (EPC-C1G2), which specifies the requirements of lightweight RFID tags. However, these tags are vulnerable to attacks such as tracking by adversaries, tag cloning and data leakage. Lately, many authentication and privacy protection protocols have been published to protect RFID systems, but some of them do not adequately address these security issues. Chen and Deng proposed a mutual authentication and privacy protection protocol conforming to the EPC-C1G2 standard to ensure RFID security and the privacy of the tags. In this paper, we show that most of the privacy protection and authentication objectives are not met in Chen and Deng's proposal. We also show that an adversary can impersonate not only the tags but also the legitimate reader. In addition, we show that a counterfeit tag can be simply cloned. For these reasons, Chen and Deng's scheme is not a secure and reliable protocol for use under the EPC-C1G2 specification.
Security Analysis of an EPC Class-1 Generation-2 Compliant RFID Authentication Protocol
2018
Design of secure authentication solutions for low-cost RFID tags is still an open and quite challenging problem, though many protocols have been published in the last decade. In 2013, Wei and Zhang proposed a new lightweight RFID authentication protocol that conforms to the EPC-C1G2 standard and claimed that the protocol would be immune against all known attacks on RFID systems. In this paper, we consider the security of this protocol and show that it cannot provide secure authentication for RFID users. An attacker, by following our suggested approach, will be able to impersonate server/reader, and destroy synchronization between the back-end server and the tag. Finally, we enhance this protocol, and by using formal and informal security analysis we show that the enhanced protocol strongly inhibits the security flaws of its predecessor.
Security and Privacy Flaws in a Recent Authentication Protocol for EPC C1 G2 RFID Tags
Recently, due to the widespread use of Radio Frequency IDentification (RFID) systems in personal applications, the security and privacy of these systems have received more attention. In order to provide security and privacy for RFID users, different authentication protocols have been proposed. In 2014, Mohammadi et al. proposed an improved authentication protocol for RFID systems and claimed that it is secure against various attacks. In this study, we investigate the security and privacy of their protocol. We show that it is not safe against several attacks, including secret parameter disclosure, tag impersonation, loss of data integrity and desynchronization, and that it cannot provide user privacy. Then, in order to remove the aforementioned weaknesses, we apply some changes to Mohammadi et al.'s protocol and propose an improved protocol. In addition, the security and privacy of the proposed protocol are analyzed against various attacks.
In this paper we scrutinize the security properties of an RFID authentication protocol conforming to the EPC Class-1 Generation-2 standard. The protocol is suitable for Gen-2 passive tags and requires only simple computations. The authors claim that the scheme provides privacy protection and authentication and offers resistance against commonly assumed attacks. We propose a de-synchronization attack and an impersonation attack in which disclosure of the secret information (i.e. the secret key and static identifier) shared between the tag and the reader is not required for the attacks to succeed.
2012
Authentication is one of the most basic and important cryptographic tasks. Mutual authentication protocols play a crucial role in the security of RFID systems. In this paper, we consider the security of a recently proposed hash-based mutual authentication protocol by Wei et al. We present an efficient tag impersonation attack, two desynchronization attacks, a reader impersonation attack and a traceability attack against this protocol.
SLRV: An RFID Mutual Authentication Protocol Conforming to EPC Generation-2 Standard
TELKOMNIKA (Telecommunication Computing Electronics and Control), 2015
Having analyzed the security vulnerabilities of Radio Frequency Identification (RFID) through a desynchronization attack and an impersonation attack, it is revealed that the secret information (i.e. the secret key and static identifier) shared between the tag and the reader is unnecessary. To overcome the vulnerability, this paper introduces the Shelled Lightweight Random Value (SLRV) protocol: a mutual authentication protocol with high security potential conforming to Electronic Product Code (EPC) Class-1 Generation-2 tags, based on lightweight cryptography on the tag's side and standard cryptography on the reader's side. SLRV prevents de-synchronization attacks because the updating of internal values is executed only on the tag's side and is a condition of a successful mutual authentication. Results of the security analysis of SLRV, and a comparison with existing protocols, are presented.
Vulnerability Analysis of a Mutual Authentication Scheme under the EPC Class1 Generation2 Standard
The security level of the EPC Class-1 Generation-2 RFID standard is very low, as shown in previous works such as . In particular, the security of the access and kill passwords of an RFID tag is almost non-existent. A first initiative by Konidala and Kim [5] tried to solve these problems by proposing a tag-reader mutual authentication scheme (TRMA) to protect the tag access password. However, Lim and Li showed how a passive attacker can recover the access password of the tag [6]. Recently, Konidala and Kim proposed a new version of the TRMA scheme (TRMA+) in which the tag access and kill passwords are used for authentication . In this paper, we show that this new version still contains serious security flaws. The 16 least significant bits of the access password can be obtained with probability 2^-2, and the 16 most significant bits with a probability higher than 2^-5. Finally, we show how an attacker can recover the entire kill password with probability 2^-2 within 4 eavesdropped sessions in the case of a passive attack, or just 2 consecutive sessions under an active attack.
Vulnerabilities of an ECC-based RFID authentication scheme
Security and Communication Networks, 2015
Radio frequency identification (RFID) authentication is an indispensable part of RFID applications, which allows a reader to identify objects in an authenticated manner. Recently, Liao and Hsiao proposed a very interesting elliptic curve cryptography-based RFID authentication scheme with ID-verifier transfer protocol. They claimed that the proposed protocol is secure against many attacks and satisfies essential security requirements of RFID systems. However, in this paper, we demonstrate that the protocol suffers from several attacks, in contrast to their original claims in the paper. Furthermore, we also propose a repaired version of the authentication protocol against identified attacks, and we provide formal security proofs.
Attacks on an Efficient RFID Authentication Protocol
2010 10th IEEE International Conference on Computer and Information Technology, 2010
In this paper, we investigate the security of a recently proposed RFID authentication protocol that needs only O(1) time to find the identifier of an RFID tag irrespective of the total number of tags. We exhibit a flaw that has gone unnoticed in the design of the protocol and show that it makes the scheme vulnerable to a tracking attack, a tag impersonation attack and a denial of service attack if the attacker is able to tamper with only one RFID tag. Because low-cost devices are not tamper-resistant, such an attack is feasible, and the resulting attacks break the protocol's authentication, untraceability and desynchronization resistance.