Abstract
The standardization group ISO/IEC SC31/WG7 is working on a set of cryptographic suites to provide security to wireless devices including UHF RFID tags. These cryptographic suites are presented as independent parts to a single standard ISO/IEC 29167. Within this multi-part standard 29167-15 is based around very simple operations and intended to provide tag, interrogator, and mutual authentication. Here we show that these proposals can be fully compromised using algebraic cryptanalytic techniques; the entire key can be recovered after eavesdropping on just four authentications.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Ågren, M., Hell, M., Johansson, T., Meier, W.: Grain-128a: A New Version of Grain-128 with Optional Authentication. International Journal of Wireless and Mobile Computing 5(1), 48–59 (2011)
Bogdanov, A.A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C.: present: An ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)
Cid, C., Murphy, S., Robshaw, M.J.B.: Algebraic Aspects of the Advanced Encryption Standard. Springer (2006)
Cid, C., Weinmann, R.P.: Block ciphers: algebraic cryptanalysis and Groebner bases. In: Groebner Bases, Coding, and Cryptography, pp. 307–327. Springer (2009)
Courtois, N.T.: Cryptanalysis of sfinks. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 261–269. Springer, Heidelberg (2006)
Courtois, N., Meier, W.: Algebraic attacks on stream ciphers with linear feedback. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 345–359. Springer, Heidelberg (2003)
Degabriele, J.P., Fehr, V., Fischlin, M., Gagliardoni, T., Günther, F., Azzurra Marson, G., Mittelbach, A., Paterson, K.G.: Unpicking PLAID - A Cryptographic Analysis of an ISO-standards-track Authentication Protocol. Cryptology ePrint Archive, Report 2014/728 (2014). http://eprint.iacr.org/
EPCglobal. EPC Radio Frequency Identity Protocols, Generation 2 UHF RFID. Specification for RFID Air Interface Protocol for Communications at 860 MHz – 960 MHz Version 1.2.0. Available via. http://www.gs1.org/gsmp/kc/epcglobal/uhfc1g2
EPCglobal. EPC Radio Frequency Identity Protocols, Generation 2 UHF RFID. Specification for RFID Air Interface Protocol for Communications at 860 MHz – 960 MHz Version 2.0.0. Available via. www.gs1.org/gsmp/kc/epcglobal/uhfc1g2
Girault, M., Poupard, G., Stern, J.: On the Fly Authentication and Signature Schemes Based on Groups of Unknown Order. Journal of Cryptology 19(4), 463–488 (2006)
Han, D.: Gröbner Basis Attacks on Lightweight RFID Authentication Protocols. Journal of Information Processing Systems 7(4), 691–706 (2011)
Hunter, J.D.: Matplotlib: A 2D graphics environment. Computing in Science & Engineering 9(3), 90–95 (2007)
ISO/IEC 29167-11:2014 – Information technology – Automatic identification and data capture techniques – Part 11: Crypto suite PRESENT-80 security services for air interface communications
ISO/IEC 29192-2:2011 – Information technology – Security techniques – Lightweight cryptography – Part 2: Block ciphers
ISO/IEC 29192-4:2013 – Information technology – Security techniques – Lightweight Cryptography – Part 4: Asymmetric Techniques
National Institute of Standards and Technology. FIPS 197: Advanced Encryption Standard, November 2001
National Institute of Standards and Technology. SHA-3 competition, Available via. csrc.nist.gov/groups/ST/hash/sha-3/index.html
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: M2AP: A minimalist mutual-authentication protocol for low-cost RFID tags. In: Ma, J., Jin, H., Yang, L.T., Tsai, J.J.-P. (eds.) UIC 2006. LNCS, vol. 4159, pp. 912–923. Springer, Heidelberg (2006)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: EMAP: An efficient mutual-authentication protocol for low-cost RFID tags. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4277, pp. 352–361. Springer, Heidelberg (2006)
RAIN RFID. Available via. http://www.rainrfid.org
Stein, W.A., et al.: Sage Mathematics Software (Version 6.3), The Sage Development Team (2014). http://www.sagemath.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Cid, C., Ferreira, L., Procter, G., Robshaw, M.J.B. (2015). Algebraic Cryptanalysis and RFID Authentication. In: Mangard, S., Schaumont, P. (eds) Radio Frequency Identification. RFIDSec 2015. Lecture Notes in Computer Science(), vol 9440. Springer, Cham. https://doi.org/10.1007/978-3-319-24837-0_7
Download citation
DOI: https://doi.org/10.1007/978-3-319-24837-0_7
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-24836-3
Online ISBN: 978-3-319-24837-0
eBook Packages: Computer ScienceComputer Science (R0)