On the Security of Tan et al. Serverless RFID Authentication and Search Protocols
نویسندگان
چکیده
In this paper, we analyze the security of the mutual authentication and search protocols recently proposed by Tan et al. [20]. Our security analysis clearly highlights important security pitfalls in these. More precisely, privacy location of the tags’ holder is compromised by the authentication protocol. Moreover, the static identifier which represents the most valuable information that a tag supposedly transmits in a secure way, can be exposed by an adversary when the authentication protocol is used in combination with one of the search protocols. Finally, we point out how the improved search protocols are vulnerable to traceability attacks, and show the way an attacker can impersonate a legitimate tag.
منابع مشابه
Game-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags
The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and ...
متن کاملA note on the security of two improved RFID protocols
Recently, Baghery et al. [1, 2] presented some attacks on two RFID protocols, namely Yoon and Jung et al. protocols, and proposed the improved version of them. However, in this note, we show that the improved version of the Jung et al. protocol suffers from desynchronization attack and the improved version of the Yoon's protocol suffers from secret disclosure attack. The succe...
متن کاملServerless Search and Authentication Protocols for RFID
With the increasing popularity of RFID applications, different authentication schemes have been proposed to provide security and privacy protection to users. Most recent RFID protocols use a central database to store the RFID tag data. An RFID reader first queries the RFID tag and returns the reply to the database. After authentication, the database returns the tag data to the reader. In this p...
متن کاملEnhancing privacy of recent authentication schemes for low-cost RFID systems
Nowadays Radio Frequency Identification (RFID) systems have appeared in lots of identification and authentication applications. In some sensitive applications, providing secure and confidential communication is very important for end-users. To this aim, different RFID authentication protocols have been proposed, which have tried to provide security and privacy of RFID users. In this paper, we a...
متن کاملHMAC-Based Authentication Protocol: Attacks and Improvements
As a response to a growing interest in RFID systems such as Internet of Things technology along with satisfying the security of these networks, proposing secure authentication protocols are indispensable part of the system design. Hence, authentication protocols to increase security and privacy in RFID applications have gained much attention in the literature. In this study, security and privac...
متن کامل