EPC class 1 Generation 2(or in short term EPC-C1 G2) is one of the most important standards for RFID passive tags. However, the original protocol known to be insecure. To improve the security of this standard, several protocols have been proposed compliant to this standard. In this paper we analyze the improved Yeh et al. ’s protocol by Yoon which is conforming to EPC-C1 G2 standard and is one ...

In this paper, we analyze the security vulnerabilities of two ultra-lightweight RFID mutual authentication protocols: LMAP and MAP, which are recently proposed by Peris-Lopez et al. We identify two effective attacks, namely De-synchronization attack and Full-disclosure attack, against their protocols. The former attack can break the synchronization between the RFID reader and the tag in a singl...

The vast majority of RFID authentication protocols assume the proximity between readers and tags due to the limited range of the radio channel. However, in real scenarios an intruder can be located between the prover (tag) and the verifier (reader) and trick this last one into thinking that the prover is in close proximity. This attack is generally known as a relay attack in which scope distanc...

We extend the FLUSH+RELOAD side-channel attack of Benger et al. to extract a significantly larger number of bits of information per observed signature when using OpenSSL. This means that by observing only 25 signatures, we can recover secret keys of the secp256k1 curve, used in the Bitcoin protocol, with a probability greater than 50 percent. This is an order of magnitude improvement over the p...

The article describes an attack on OpenPGP format, which leads to disclosure of the private signature keys of the DSA and RSA algorithms. The OpenPGP format is used in a number of applications including PGP, GNU Privacy Guard and other programs specified on the list of products compatible with OpenPGP, which is available at http://www.pgpi.org/products. Therefore all these applications must und...

The article describes an attack on OpenPGP format, which leads to disclosure of the private signature keys of the DSA and RSA algorithms. The OpenPGP format is used in a number of applications including PGP, GNU Privacy Guard and other programs specified on the list of products compatible with OpenPGP, which is available at http://www.pgpi.org/products. Therefore all these applications must und...

Patrons of a pub evaluated regular beer and "MIT brew" (regular beer plus a few drops of balsamic vinegar) in one of three conditions. One group tasted the samples blind (the secret ingredient was never disclosed). A second group was informed of the contents before tasting. A third group learned of the secret ingredient immediately after tasting, but prior to indicating their preference. Not su...

Many RFID authentication protocols have been proposed to provide desired security and privacy level for RFID systems. Almost all of these protocols are based symmetric cryptography because of the limited resources of RFID tags. Recently Cheng et. al have been proposed an RFID security protocol based on chaotic maps. In this paper, we analyze the security of this protocol and discover its vulner...

In this paper, we analyze the security vulnerabilities of a family of ultra-lightweight RFID mutual authentication protocols: LMAP [13], MAP [14] and EMAP [15], which are recently proposed by Peris-Lopez et al. We identify two effective attacks, namely de-synchronization attack and full-disclosure attack, against their protocols. The former permanently disables the authentication capability of ...

In this paper, we analyze the security of two recently proposed distance bounding protocols called the “Hitomi” and the “NUS” protocols. Our results show that the claimed security of both protocols has been overestimated. Namely, we show that the Hitomi protocol is susceptible to a full secret key disclosure attack which not only results in violating the privacy of the protocol but also can be ...