Peris-Lopez, Pedro and Li, Tieyan and Hernandez-Castro, Julio C. and Tapiador, Juan E. (2009) Practical attacks on a mutual authentication scheme under the EPC Class-1 Generation-2 standard. Computer Communications, 32 (7-10). pp. 1185-1193. ISSN 0140-3664.
Restricted to Repository staff only
| Contact us about this Publication
The EPC Class-1 Generation-2 RFID standard provides little security, as has been shown in previous works such as [S. Karthikeyan, M. Nesterenko, RFID security without extensive cryptography, in: Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks, 2005, pp. 63-67; D.N. Duc, J. Park, H. Lee, K. Kim, Enhancing security of EPCglobal Gen-2 RFID tag against traceability and cloning, in: The 2006 Symposium on Cryptography and Information Security, 2006; H.Y. Chien, C.H. Chen, Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards, Computer Standards & Interfaces 29 (2007) 254-259; P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, A. Ribagorda, Cryptanalysis of a novel authentication protocol conforming to EPC-C1G2 standard, in: Proceedings of Int'l Conference on RFID Security (RFIDSec)'07, Jul 2007; T.L. Lim, T. Li, Addressing the weakness in a lightweight RFID tag-reader mutual authentication scheme, in Proceedings of the IEEE Int'l Global Telecommunications Conference (GLOBECOM) 2007, Nov 2007, pp. 59-63]. In particular, the security of an RFID tag's access and kill passwords is almost non-existent. Konidala and Kim recently proposed a new mutual authentication scheme [D.M. Konidala, Z. Kim, K. Kim, A simple and cost-effective RFID tag-reader mutual authentication scheme, in: Proceedings of Int'l Conference on RFID Security (RFIDSec)'07, Jul 2007, pp. 141-152] - an improved version of their first attempt [D.M. Konidala, K. Kim, RFID tag-reader mutual authentication scheme utilizing tag's access password, Auto-ID Labs White Paper WP-HARDWARE-033, Jan 2007] - in which a tag's access and kill passwords are used for authentication. In this paper, we show that the new scheme continues to present serious security flaws. The 16 least significant bits of the access password can be obtained with probability 2- 2, and the 16 most significant bits with a probability greater than 2- 5. Finally, we show how an attacker can recover the entire kill password with probability 2- 2.
|Uncontrolled keywords:||Attacks; EPC-C1G2 standard; RFID; Security|
|Subjects:||Q Science > QA Mathematics (inc Computing science) > QA 75 Electronic computers. Computer science|
|Divisions:||Faculties > Science Technology and Medical Studies > School of Computing > Security Group|
|Depositing User:||Julio Hernandez-Castro|
|Date Deposited:||24 Oct 2012 13:04|
|Last Modified:||18 Mar 2013 16:34|
|Resource URI:||http://kar.kent.ac.uk/id/eprint/31950 (The current URI for this page, for reference purposes)|
- Depositors only (login required):