New Findings on RFID Authentication Schemes against De-synchronization Attack
In order to protect privacy of RFID tag against malicious tag tracing activities, most RFID authentication protocols support forward/backward security properties by updating the same secret values held at both tag end and database end asynchronously during each authentication session. However, in re...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2012
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/1629 http://www.ijicic.org/ijicic-11-03059.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-2628 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-26282013-01-10T07:09:08Z New Findings on RFID Authentication Schemes against De-synchronization Attack YEH, Kuo-Hui LO, Nai-Wei LI, Yingjiu CHEN, Yung-Chun WU, Tzong-Chen In order to protect privacy of RFID tag against malicious tag tracing activities, most RFID authentication protocols support forward/backward security properties by updating the same secret values held at both tag end and database end asynchronously during each authentication session. However, in real network environments an adversary may easily interrupt or interfere transmission of necessary key update message in each authentication session such that key re synchronization between tag and database cannot be completed, which is named as de-synchronization attack. To defend against this security threat, recent RFID authentication schemes have applied redundant secret/key design to allow a tag with de-synchronized secret to successfully communicate with server/database in its next authentication session. In this paper, we first categorize existing authentification protocols into three types based on their key update mechanisms. Then security evaluation on de-synchronization attack is conducted for type I and II protocols. Two attack models and theorems show that synchronization mechanisms used in type I and II schemes cannot defend against de-synchronization attack. Finally, three remarks are further presented to support our important finding: most existing RFID authentication schemes cannot simultaneously provide forward/backward security and resistance for de- synchronization attack in practical setting. 2012-01-01T08:00:00Z text https://ink.library.smu.edu.sg/sis_research/1629 http://www.ijicic.org/ijicic-11-03059.pdf Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University De-synchronization attack RFID authentication Tag identification Security Numerical Analysis and Scientific Computing |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
De-synchronization attack RFID authentication Tag identification Security Numerical Analysis and Scientific Computing |
| spellingShingle |
De-synchronization attack RFID authentication Tag identification Security Numerical Analysis and Scientific Computing YEH, Kuo-Hui LO, Nai-Wei LI, Yingjiu CHEN, Yung-Chun WU, Tzong-Chen New Findings on RFID Authentication Schemes against De-synchronization Attack |
| description |
In order to protect privacy of RFID tag against malicious tag tracing activities, most RFID authentication protocols support forward/backward security properties by updating the same secret values held at both tag end and database end asynchronously during each authentication session. However, in real network environments an adversary may easily interrupt or interfere transmission of necessary key update message in each authentication session such that key re synchronization between tag and database cannot be completed, which is named as de-synchronization attack. To defend against this security threat, recent RFID authentication schemes have applied redundant secret/key design to allow a tag with de-synchronized secret to successfully communicate with server/database in its next authentication session. In this paper, we first categorize existing authentification protocols into three types based on their key update mechanisms. Then security evaluation on de-synchronization attack is conducted for type I and II protocols. Two attack models and theorems show that synchronization mechanisms used in type I and II schemes cannot defend against de-synchronization attack. Finally, three remarks are further presented to support our important finding: most existing RFID authentication schemes cannot simultaneously provide forward/backward security and resistance for de- synchronization attack in practical setting. |
| format |
text |
| author |
YEH, Kuo-Hui LO, Nai-Wei LI, Yingjiu CHEN, Yung-Chun WU, Tzong-Chen |
| author_facet |
YEH, Kuo-Hui LO, Nai-Wei LI, Yingjiu CHEN, Yung-Chun WU, Tzong-Chen |
| author_sort |
YEH, Kuo-Hui |
| title |
New Findings on RFID Authentication Schemes against De-synchronization Attack |
| title_short |
New Findings on RFID Authentication Schemes against De-synchronization Attack |
| title_full |
New Findings on RFID Authentication Schemes against De-synchronization Attack |
| title_fullStr |
New Findings on RFID Authentication Schemes against De-synchronization Attack |
| title_full_unstemmed |
New Findings on RFID Authentication Schemes against De-synchronization Attack |
| title_sort |
new findings on rfid authentication schemes against de-synchronization attack |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2012 |
| url |
https://ink.library.smu.edu.sg/sis_research/1629 http://www.ijicic.org/ijicic-11-03059.pdf |
| _version_ |
1770571357741907968 |