A Traceability Attack against e-Passports
نویسندگان
چکیده
Since 2004, many nations have started issuing “e-passports” containing an RFID tag that, when powered, broadcasts information. It is claimed that these passports are more secure and that our data will be protected from any possible unauthorised attempts to read it. In this paper we show that there is a flaw in one of the passport’s protocols that makes it possible to trace the movements of a particular passport, without having to break the passport’s cryptographic key. All an attacker has to do is to record one session between the passport and a legitimate reader, then by replaying a particular message, the attacker can distinguish that passport from any other. We have implemented our attack and tested it successfully against passports issued by a range of nations.
منابع مشابه
Traceability improvements of a new RFID protocol based on EPC C1 G2
Radio Frequency Identification (RFID) applications have spread all over the world. In order to provide their security and privacy, researchers proposed different kinds of protocols. In this paper, we analyze the privacy of a new protocol, proposed by Yu-Jehn in 2015 which is based on Electronic Product Code Class1 Generation 2 (EPC C1 G2) standard. By applying the Ouafi_Phan privacy model, we s...
متن کاملEnhancing privacy of recent authentication schemes for low-cost RFID systems
Nowadays Radio Frequency Identification (RFID) systems have appeared in lots of identification and authentication applications. In some sensitive applications, providing secure and confidential communication is very important for end-users. To this aim, different RFID authentication protocols have been proposed, which have tried to provide security and privacy of RFID users. In this paper, we a...
متن کاملHMAC-Based Authentication Protocol: Attacks and Improvements
As a response to a growing interest in RFID systems such as Internet of Things technology along with satisfying the security of these networks, proposing secure authentication protocols are indispensable part of the system design. Hence, authentication protocols to increase security and privacy in RFID applications have gained much attention in the literature. In this study, security and privac...
متن کامل1342 - 2812 Key - Substitution Attacks on
Group signatures were introduced by Chaum and Van Heyst [12], and many security requirements for group signatures have been proposed. Bellare, Micciancio, and Warinschi [4] showed that satisfying full-anonymity and full-traceability is sufficient, in the sence that all the above-mentioned requirements are implied by them. Wilson and Menezes [5] introduced a considerable attack against standard ...
متن کاملTraceability Improvements of a New RFID Protocol Based On EPC C1G2
Radio Frequency Identification (RFID) applications have spread all over the world and, in order to provide their security and privacy, researchers proposed different kind of protocols. In this paper, we analyzes the privacy of a new protocol, proposed by YuJehn in 2015 which is based on Electronic Product Code Class1 Generation 2 (EPC C1 G2) standard. By applying the Ouafi-Phan privacy model, w...
متن کامل