Vulnerability Analysis of PAP for RFID Tags

نویسندگان

  • Mu'awya Naser
  • Pedro Peris-Lopez
  • Mohammd Rafie
  • Jan C. A. van der Lubbe
چکیده

In this paper, we analyze the security of an RFID authentication protocol proposed by Liu and Bailey [1], called Privacy and Authentication Protocol (PAP), and show its vulnerabilities and faulty assumptions. PAP is a privacy and authentication protocol designed for passive tags. The authors claim that the protocol, being resistant to commonly assumed attacks, requires little computation and provides privacy protection and authentication. Nevertheless, we propose two traceability attacks and an impersonation attack, in which the revealing of secret information (i.e., secret key and static identifier) shared between the tag and the reader is unnecessary. Moreover, we review all basic assumptions on which the design of the protocol resides, Preprint Version August 24, 2010 and show how many of them are incorrect and are contrary to the common assumptions in RFID systems.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

PAP: A privacy and authentication protocol for passive RFID tags

Passive Radio Frequency Identification (RFID) tags, due to their ability to uniquely identify every individual item and low cost, are well suited for supply chain management and are expected to replace barcodes in the near future. However, unlike barcodes, these tags have a longer range in which they are allowed to be scanned, subjecting them to unauthorized scanning by malicious readers and to...

متن کامل

RSPAE: RFID Search Protocol based on Authenticated Encryption

Search protocols are among the main applications of RFID systems. Since a search protocol should be able to locate a certain tag among many tags, not only it should be secure against RFID threats but also it should be affordable. In this article, an RFID-based search protocol will be presented. We use an encryption technique that is referred to as authenticated encryption in order to boost the ...

متن کامل

Game-Based Cryptanalysis of a Lightweight CRC-Based Authentication Protocol for EPC Tags

The term "Internet of Things (IoT)" expresses a huge network of smart and connected objects which can interact with other devices without our interposition. Radio frequency identification (RFID) is a great technology and an interesting candidate to provide communications for IoT networks, but numerous security and privacy issues need to be considered. In this paper, we analyze the security and ...

متن کامل

Puf-enabled Rfid Tags in Electronic Banking

Radio Frequency Identification (RFID) tags have a variety of applications in e-banking. For effective utilization of the technology, this should be reinforced toward security holes and attacks. One of the common attacks on RFID systems is RFID tags cloning. In this paper we review cloning attacks in ebanking. We propose solutions based on physical unclonable functions (PUF) and provide a suitab...

متن کامل

افزایش سرعت شناسایی در سیستم‌های RFID

Radio frequency identification (RFID) is a new generation of automatic identification systems, based on wireless communication technology. In these systems all the tags using one communication channel to communicate with the reader. When two or more tags transmit their data to the reader simultaneously, their transmitted signals will collide. Resolving this collision has a direct impact on the ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • CoRR

دوره abs/1008.3625  شماره 

صفحات  -

تاریخ انتشار 2010