Security Analysis of a PUF based RFID Authentication Protocol
نویسندگان
چکیده
In this paper we consider the security of a PUF based RFID Authentication protocol which has been recently proposed by Bassil et al. [2]. The designers have claimed that their protocol offers immunity against a broad range of attacks while it provides excellent performance. However, we prove in contrary to its designers claim, this protocol does not provide any security. We present an efficient secret disclosure attack which retrieves all secret parameters of the protocol. Given those secret parameters, it would be trivial to apply any other attack in the context on the protocol. However, to highlight other weaknesses of the protocol we present extra reader traceability, impersonation and desynchronization attacks that do not require disclosing the secret parameters necessarily. Success probability of all mentioned attacks is almost “1” while the complexity is at most two runs of protocol.
منابع مشابه
HMAC-Based Authentication Protocol: Attacks and Improvements
As a response to a growing interest in RFID systems such as Internet of Things technology along with satisfying the security of these networks, proposing secure authentication protocols are indispensable part of the system design. Hence, authentication protocols to increase security and privacy in RFID applications have gained much attention in the literature. In this study, security and privac...
متن کاملGame-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags
The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and ...
متن کاملEnhancing privacy of recent authentication schemes for low-cost RFID systems
Nowadays Radio Frequency Identification (RFID) systems have appeared in lots of identification and authentication applications. In some sensitive applications, providing secure and confidential communication is very important for end-users. To this aim, different RFID authentication protocols have been proposed, which have tried to provide security and privacy of RFID users. In this paper, we a...
متن کاملAn Improved Ownership Transfer and Mutual Authentication for Lightweight RFID Protocols
Radio Frequency Identification (RFID) technology is an automated identification technology which is widely used to identify and track all kind of objects. However, it is a challenging task to design an authentication protocol because of the limited resource of Lightweight RFID tags. Recently, a lightweight RFID authentication protocol and an ownership transfer of RFID tags are presented by Kuls...
متن کاملPuf-enabled Rfid Tags in Electronic Banking
Radio Frequency Identification (RFID) tags have a variety of applications in e-banking. For effective utilization of the technology, this should be reinforced toward security holes and attacks. One of the common attacks on RFID systems is RFID tags cloning. In this paper we review cloning attacks in ebanking. We propose solutions based on physical unclonable functions (PUF) and provide a suitab...
متن کاملRFID Security Using Lightweight Mutual Authentication And Ownership Transfer Protocol
In recent years, radio frequency identification technology has moved into the mainstream applications that help to speed up handling of manufactured goods and materials. RFID tags are divided into two classes: active and passive. Active tag requires a power source that’s why its cost is more than passive tags. However, the low-cost RFID tags are facing new challenges to security and privacy. So...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2011 شماره
صفحات -
تاریخ انتشار 2011