Skip to main content
SpringerLink
Log in

Attacks on Recent RFID Authentication Protocols

  • Published:
Journal of Signal Processing Systems Aims and scope Submit manuscript

Abstract

The developing of RFID systems in sensitive applications like e-passport, e-health, credit cards, and personal devices, makes it necessary to consider the related issues such as maximum reading distance, communication speed and data security. The use of signal processing methods is an efficient and convenient way to achieve the maximum reading distance and communication rate. However, the signal processing techniques are not adequate to provide a reasonable level of security and privacy for RFID systems. Thus, it is necessary to employ specific authentication protocols which assure data security and preserve the user’s privacy. Among other security and privacy characteristic of an RFID authentication protocol, the untraceability and synchronization are the most important attributes. The former is strongly related to the privacy of tags and their holders, while the later has a significant role in the security and availability parameters. In this paper, we investigate two RFID authentication protocols proposed by Duc and Kim, and Song and Mitchell in terms of privacy and security. We analyze the protocol proposed by Duc and Kim and present desynchronization, traceability and forward traceability attacks. Besides, we study the weaknesses in the Song and Mitchell’s protocol and address its defects by applying desynchronization, traceability and backward traceability attacks. We also propose our revisions to secure the Song and Mitchell’s protocol against traceability and desynchronization attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Figure 1
Figure 2
Figure 3

Similar content being viewed by others

References

  1. Alomair, B., Lazos, L., Poovendran, R. (2007). Passive attacks 849 on a class of authentication protocols for RFID. In K.-H. Nam & G. Rhee (Eds.), ICISC 2007. LNCS (Vol. 4817, pp. 10215). Springer.

  2. Avoine, G., & Oechslin, P. (2005). A scalable and provably secure hash based RFID protocol. In Proceedings of international work- shop on pervasive computing and communication security-persec 2005, (pp. 110114). IEEE Computer Society Press.

  3. Avoine, G. (2005). Adversarial model for radio frequency identification. Cryptology ePrint Archive, Report 2005/049. http://eprint.iacr.org/2005/049.

  4. Avoine, G. (2005). Cryptography in radio frequency identification and fair ex-change protocols. PhD thesis no. 3407, EPFL. http://library.epfl.ch/theses/?nr=3407.

  5. Avoine, G., Dysli, E., Oechslin, P. (2006). Reducing time complexity in RFID systems. In B. Preneel & S. Tavares (Eds.), SAC 2005. LNCS (Vol. 3897, pp. 291–306). Heidelberg: Springer.

    Google Scholar 

  6. Avoine, G., & Oechslin, P. (2005). RFID traceability: A multilayer problem. In A.S. Patrick & Yung, M. (Eds.), FC 2005. LNCS (Vol. 3570, pp. 125–140). Heidelberg: Springer.

    Google Scholar 

  7. Banks, J., Pachano, M., Thompson, L., Hanny, D. (2007). RFID applied. New Jersey: Wiley.

    Book  Google Scholar 

  8. Burmester, M., van Le, T., de Medeiros, B. (2006). Provably secure ubiquitous systems: Universally composable RFID authentication protocols. In SecureComm 2006. Conference on security and privacy for emerging areas in communication networks. Baltimore: IEE press.

    Google Scholar 

  9. Burmester, M., Van Le, T., De Medeiros, B., Tsudik, G. (2009). Universally composable RFID identification and authentication protocols. ACM Transactions on Information and Systems Security, 12(4). (Article 21).

  10. Carluccio, D., Lemke-Rust, K., Paar, C., Sadeghi, A.-R. (2007). E-Passport: The global traceability or how to feel like an UPS package. In J. K. Lee, O. Yi, M. Yung (Eds.), Proceedings WISA 2007, lecture notes in computer science (Vol. 4298, pp. 391–404). Berlin: Springer.

    Google Scholar 

  11. Deng, R. H., Li, Y., Yao, A. C., Yung, M., Zhao, Y. (2010). A new framework for RFID privacy. In D. Gritzalis, B. Preneel, M. Theoharidou (Eds.), ESORICS 2010. LNCS (Vol. 6345, pp. 1–18). Heidelberg: Springer.

    Google Scholar 

  12. Dimitriou, T. (2005). A lightweight RFID protocol to protect against traceability and cloning attacks. In Proceedings of secureComm 2005 (pp. 59–66).

  13. Duangsuwan, S., & Promwong, S. (2012). A RFID Reader suppressive interferences due to multipath. In PIERS proceedings, Kuala Lumpur, Malaysia (pp. 1472–1475).

  14. Duc, D. N., & Kim, K. (2011). Defending RFID authentication protocols against DoS attacks, 34(3),384–390.

    Article  Google Scholar 

  15. Gilbert, H., Robshaw, M., Sibert, H. An active attack against HB + -A provably secure lightweight authentication protocol. Cryptology ePrint Archive, Report 2005/23, http://eprint.iacr.org/2005/23.pdf.

  16. Ha, J., Moon, S., Zhou, J., Ha, J. (2008). A new formal proof model for RFID location privacy. In S. Jajodia & J Lopez (Eds.), ESORICS 2008. LNCS (Vol. 5283, pp. 267–281). Heidelberg: Springer.

    Google Scholar 

  17. Hancke, G. P. (2008). Eavesdropping attacks on high-frequency RFID tokens. In Proceedings of the 4th Workshop on RFID Security, RFIDSec08.

  18. Hernndez Castro, J.C., Peris-Lopez, P., Phan, R.C.-W., Estvez-Tapiador, J.M. (2010). Cryptanalysis of the David-Prasad RFID ultralightweight authentication protocol. In S.B. Ors Yalcin (Ed.), RFIDSec 2010. LNCS (Vol. 6370, pp. 2234). Springer.

  19. ISO/IEC 17799 (2005). Information technology-security tech niques-code of practice for information security management. International organization for standardization.

  20. Juels, A. (2005). Strengthening EPC tags against cloning. In The Proceedings of WiSe’05.

  21. Juels, A., & Weis, S. (2006). Defining strong privacy for RFID. Cryptology ePrint Archive, Report 2006/137, http://eprint.iacr.org/2006/137.

  22. Konomi, S., & Roussos, G. (2007). Ubiquitous computing in the real world: Lessons learnt from large scale RFID deployments. Personal and Ubiquitous Computing, 11(7), 507–521.

    Article  Google Scholar 

  23. Li, L., & Deng, R. H. (2007). Vulnerability analysis of EMAP-An efficient RFID mutual authentication protocol. In AReS 2007: Second International Conference on Availability Reliability and Security.

  24. Li, T., Wang, G., Deng, R. H. (2008). Security analysis on a family of ultra-lightweight RFID authentication protocols. Journal of Software, 3(3), 1–10.

    Article  Google Scholar 

  25. Lim, C. H., & Kwon, T. (2006). Strong and robust RFID authentication enabling perfect ownership transfer. In P. Ning, S. Qing, N Li (Eds.), ICICS 2006. LNCS (Vol. 4307, pp. 1–20). Heidelberg: Springer.

    Google Scholar 

  26. Ma, C., Li, Y., Deng, R., Li, T. (2009). RFID privacy: Relation between two notions, minimal condition, and efficient construction. In ACM CCS.

  27. Michelin Embeds RFID Tags in Tires. RFID Journal http://www.rfidjournal.com/article/articleview/269/1/1/.

  28. Mitrokotsa, A., Rieback, M.R., Tanenbaum, A.S. (2010). Classifying RFID attacks and defenses. Information Systems Frontiers - ISF, 12(5), 491–505.

    Article  Google Scholar 

  29. Mutti, C., & Wittneben, A. (2007). Robust signal detection in passive RFID systems. In First international eurasip workshop on RFID technology, Vienna.

  30. Ng, C.Y., Susilo, W., Mu, Y., Safavi-Naini, R. (2009). New privacy results on synchronized RFID authentication protocols against tag tracing. In M. Backes & P. Ning (Eds.), ESORICS 2009. LNCS (Vol. 5789, pp. 321–336). Heidelberg: Springer.

    Google Scholar 

  31. Ohkubo, M., Suzuki, K., Kinoshita, S. (2004). Efficient hash-chain based RFID privacy protection scheme. In N. Davies, E.D. Mynatt, I. Siio (Eds.), UbiComp 2004. LNCS Vol. 3205. Heidelberg: Springer.

    Google Scholar 

  32. Ouafi, K., & Phan, R.C.-W. (2008). Privacy of recent RFID authentication protocols. In L. Chen, Y. Mu, W. Susilo (Eds.), ISPEC 2008. LNCS (Vol. 4991, pp. 263–277). Heidelberg: Springer.

    Google Scholar 

  33. Ouafi, K., & Phan, R.C.-W. (2008). Traceable privacy of recent provably-secure RFID Protocols. In S.M. Bellovin & et al. (Eds.), ACNS 2008. LNCS (Vol. 5037, pp. 479–489). Heidelberg: Springer-Verlag.

    Google Scholar 

  34. Peris-Lopez, P., Hernndez Castro, J.C., Estvez-Tapiador, J.M., van der Lubbe, J.C.A. (2010). Security flaws in a recent ultralightweight RFID protocol. In Workshop on RFID security (RFIDSec Asia’10) of cryptology and information security series (Vol. 4, pp. 83–93). IOS Press.

  35. Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A. (2010). Vulnerability analysis of RFID protocols for tag ownership transfer. Computer Networks, 54(9), 1502–1508.

    Article  MATH  Google Scholar 

  36. Phan, R.C.-W. (2009). Cryptanalysis of a new ultra lightweight RFID authentication protocol - SASI. IEEE Transactions on Dependable and Secure Computing, 6(4), 316–320.

    Article  Google Scholar 

  37. Phan, R.C.-W., Wu, J., Ouafi, K., Stinson, D.R. (2010). Privacy analysis of forward and backward untraceable RFID authentication schemes. Wireless Personal Communications, 54(2), Springer. doi: 10.1007/s11277-010-0001-0.

  38. Rizomiliotis, P., Rekleitis, E., Gritzalis, S. (2009). Security analysis of the Song-Mitchell authentication protocol for low-cost RFID tags. IEEE Communications Letters, 13(4), 274–276.

    Article  Google Scholar 

  39. Schuerenberg, B. K. (2005). Keeping tabs with RFID. Health Data Management, http://www.healthdatamanagement.com/issues/20051001/11276-1.html.

  40. Song, B. (2008). RFID tag ownership transfer. In Proceedings of workshop on RFID security (RFIDsec 2008), Budapest., (p. 2008). Hungary: Budapest.

    Google Scholar 

  41. Song, B., & Mitchell, C.J. (2008). RFID authentication protocol for low-cost tags. In V.D. Gligor, J. Hubaux, R. Poovendran (Eds.), ACM conference on wireless network security WiSec08, (pp. 140–147). USA: ACM Press.

    Chapter  Google Scholar 

  42. Song, B., & Mitchell, C.J. (2009). Scalable RFID pseudonym protocol. In Proceedings of the third international conference on network and system security NSS 2009 (pp. 216–224). IEEE Computer Society.

  43. Song, B., & Mitchell, C.J. (2011). Scalable RFID security protocols supporting tag ownership transfer. Computer Communications, 34(4), 556–566.

    Article  Google Scholar 

  44. Thales e-Security: Smart cards for payment systems. www.thalesesecurity.com/whitepapers/documents/smart-cards-payment-systems.pdf.

  45. Tsudik, G. (2006). YA-TRAP: Yet Another Trivial RFID Authentication Protocol. In Proceedings of PerCom 2006 (pp. 640–643).

  46. van Deursen, T., Mauw, S., Radomirović, S. (2008). Untraceability of RFID protocols. In J. A. Onieva et al. (Eds.), WISTP 2008. LNCS (Vol. 5019, pp. 115). Springer.

  47. van Deursen, T., & Radomirović, S. (2009). Algebraic attacks on RFID Protocols. In Proceedings of information security theory and practices: smart devices, pervasive systems, and ubiquitous networks (WISTP’09). LNCS, (Vol. 5746, pp. 38–51). Springer.

  48. van Deursen, T., & Radomirovic, S. (2008). Attacks on RFID protocols. Cryptology ePrint archive, Report 2008/310. http://eprint.iacr.org/2008/310.

  49. Vaudenay, S. (2007). On privacy models for RFID. In K. Kurosawa, (Ed.), ASIACRYPT 2007. LNCS (Vol. 4833, pp. 68–87). Heidelberg: Springer.

    Google Scholar 

  50. Vojtech, L. (2010). RFID signal denoising - experiments with neural network. Information and Communication Technologies and Services, 8(5), 111–113.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. College of Information Science and Technology, Pennsylvania State University, University Park, PA, USA

    Mohammad Hassan Habibi

  2. ISSL Laboratory, EE Department, Sharif University of Technology, Tehran, Iran

    Mohammad Reza Aref

Authors
  1. Mohammad Hassan Habibi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mohammad Reza Aref
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Mohammad Hassan Habibi.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Habibi, M.H., Aref, M.R. Attacks on Recent RFID Authentication Protocols. J Sign Process Syst 79, 271–283 (2015). https://doi.org/10.1007/s11265-013-0844-1

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s11265-013-0844-1

Keywords

Search

Navigation