Attacks and Improvements to an RFID Mutual Authentication Protocol
In WiSec'08, Song and Mitchell proposed an RFID mutual authentication protocol. Song also extended this protocol for RFID tag ownership transfer. These two protocols are designed to have the most security properties in the literature. We discover that, however, the mutual authentication protoco...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2009
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/274 http://dx.doi.org/10.1145/1514274.1514282 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-1273 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-12732010-09-24T05:42:03Z Attacks and Improvements to an RFID Mutual Authentication Protocol CAI, Shaoying LI, Yingjiu LI, Tieyan DENG, Robert H. In WiSec'08, Song and Mitchell proposed an RFID mutual authentication protocol. Song also extended this protocol for RFID tag ownership transfer. These two protocols are designed to have the most security properties in the literature. We discover that, however, the mutual authentication protocol is vulnerable to both tag impersonation attack and reader impersonation attack, which enable an adversary to impersonate any legitimate reader or tag. We also discover that the ownership transfer protocol is vulnerable to a de-synchronization attack, which prevents a legitimate reader from authenticating a legitimate tag, and vice versa. We analyze the vulnerabilities of these protocols and propose our revisions to eliminate the vulnerabilities with comparable storage and computational requirements. 2009-03-01T08:00:00Z text https://ink.library.smu.edu.sg/sis_research/274 info:doi/10.1145/1514274.1514282 http://dx.doi.org/10.1145/1514274.1514282 Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Information Security |
| spellingShingle |
Information Security CAI, Shaoying LI, Yingjiu LI, Tieyan DENG, Robert H. Attacks and Improvements to an RFID Mutual Authentication Protocol |
| description |
In WiSec'08, Song and Mitchell proposed an RFID mutual authentication protocol. Song also extended this protocol for RFID tag ownership transfer. These two protocols are designed to have the most security properties in the literature. We discover that, however, the mutual authentication protocol is vulnerable to both tag impersonation attack and reader impersonation attack, which enable an adversary to impersonate any legitimate reader or tag. We also discover that the ownership transfer protocol is vulnerable to a de-synchronization attack, which prevents a legitimate reader from authenticating a legitimate tag, and vice versa. We analyze the vulnerabilities of these protocols and propose our revisions to eliminate the vulnerabilities with comparable storage and computational requirements. |
| format |
text |
| author |
CAI, Shaoying LI, Yingjiu LI, Tieyan DENG, Robert H. |
| author_facet |
CAI, Shaoying LI, Yingjiu LI, Tieyan DENG, Robert H. |
| author_sort |
CAI, Shaoying |
| title |
Attacks and Improvements to an RFID Mutual Authentication Protocol |
| title_short |
Attacks and Improvements to an RFID Mutual Authentication Protocol |
| title_full |
Attacks and Improvements to an RFID Mutual Authentication Protocol |
| title_fullStr |
Attacks and Improvements to an RFID Mutual Authentication Protocol |
| title_full_unstemmed |
Attacks and Improvements to an RFID Mutual Authentication Protocol |
| title_sort |
attacks and improvements to an rfid mutual authentication protocol |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2009 |
| url |
https://ink.library.smu.edu.sg/sis_research/274 http://dx.doi.org/10.1145/1514274.1514282 |
| _version_ |
1770570367205638144 |