Skip to main content

Practical attacks on a mutual authentication scheme under the EPC Class-1 Generation-2 standard

Peris-Lopez, Pedro, Li, Tieyan, Hernandez-Castro, Julio C., Tapiador, Juan E. (2009) Practical attacks on a mutual authentication scheme under the EPC Class-1 Generation-2 standard. Computer Communications, 32 (7-10). pp. 1185-1193. ISSN 0140-3664. (doi:10.1016/j.comcom.2009.03.010) (Access to this publication is currently restricted. You may be able to access a copy if URLs are provided) (KAR id:31950)

Language: English

Restricted to Repository staff only
Contact us about this Publication
Official URL


The EPC Class-1 Generation-2 RFID standard provides little security, as has been shown in previous works such as [S. Karthikeyan, M. Nesterenko, RFID security without extensive cryptography, in: Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks, 2005, pp. 63-67; D.N. Duc, J. Park, H. Lee, K. Kim, Enhancing security of EPCglobal Gen-2 RFID tag against traceability and cloning, in: The 2006 Symposium on Cryptography and Information Security, 2006; H.Y. Chien, C.H. Chen, Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards, Computer Standards & Interfaces 29 (2007) 254-259; P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, A. Ribagorda, Cryptanalysis of a novel authentication protocol conforming to EPC-C1G2 standard, in: Proceedings of Int'l Conference on RFID Security (RFIDSec)'07, Jul 2007; T.L. Lim, T. Li, Addressing the weakness in a lightweight RFID tag-reader mutual authentication scheme, in Proceedings of the IEEE Int'l Global Telecommunications Conference (GLOBECOM) 2007, Nov 2007, pp. 59-63]. In particular, the security of an RFID tag's access and kill passwords is almost non-existent. Konidala and Kim recently proposed a new mutual authentication scheme [D.M. Konidala, Z. Kim, K. Kim, A simple and cost-effective RFID tag-reader mutual authentication scheme, in: Proceedings of Int'l Conference on RFID Security (RFIDSec)'07, Jul 2007, pp. 141-152] - an improved version of their first attempt [D.M. Konidala, K. Kim, RFID tag-reader mutual authentication scheme utilizing tag's access password, Auto-ID Labs White Paper WP-HARDWARE-033, Jan 2007] - in which a tag's access and kill passwords are used for authentication. In this paper, we show that the new scheme continues to present serious security flaws. The 16 least significant bits of the access password can be obtained with probability 2- 2, and the 16 most significant bits with a probability greater than 2- 5. Finally, we show how an attacker can recover the entire kill password with probability 2- 2.

Item Type: Article
DOI/Identification number: 10.1016/j.comcom.2009.03.010
Uncontrolled keywords: Attacks; EPC-C1G2 standard; RFID; Security
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 75 Electronic computers. Computer science
Divisions: Faculties > Sciences > School of Computing > Security Group
Depositing User: Julio Hernandez Castro
Date Deposited: 24 Oct 2012 13:04 UTC
Last Modified: 03 Mar 2020 04:04 UTC
Resource URI: (The current URI for this page, for reference purposes)
Hernandez-Castro, Julio C.:
  • Depositors only (login required):


Downloads per month over past year