
Security and Privacy Analysis of Song–Mitchell RFID Authentication Protocol

Wireless Personal Communications

Abstract

Many applications that use Radio Frequency Identification (RFID) devices for authentication, such as e-passports, e-health, credit cards, and personal devices, require strict security and privacy. However, RFID tags suffer from inherent weaknesses due to their restricted hardware capabilities and are vulnerable to eavesdropping, interception, and modification. Synchronization and untraceability are the major determinants of RFID authentication protocols. They are strongly related to the privacy of tags and availability, respectively. In this paper, we analyze a new lightweight RFID authentication protocol, the Song–Mitchell protocol, in terms of privacy and security. We prove that the scheme is not only vulnerable to a desynchronization attack but also suffers from traceability and backward traceability. Finally, we propose an improved scheme that prevents the aforementioned attacks.



Author information


Correspondence to Mohammad Hassan Habibi.


About this article

Cite this article

Habibi, M.H., Aref, M.R. Security and Privacy Analysis of Song–Mitchell RFID Authentication Protocol. Wireless Pers Commun 69, 1583–1596 (2013). https://doi.org/10.1007/s11277-012-0652-0


  • DOI: https://doi.org/10.1007/s11277-012-0652-0
