Defining Strong Privacy for RFID
PERCOMW '07 Proceedings of the Fifth IEEE International Conference on Pervasive Computing and Communications Workshops
RFID authentication protocol for low-cost tags
WiSec '08 Proceedings of the first ACM conference on Wireless network security
An Efficient and Secure RFID Security Method with Ownership Transfer
Computational Intelligence and Security
Security analysis of the Song-Mitchell authentication protocol for low-cost RFID tags
IEEE Communications Letters
A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Journal of Network and Computer Applications
Attacks on a lightweight mutual authentication protocol under EPC C-1 G-2 standard
WISTP'11 Proceedings of the 5th IFIP WG 11.2 international conference on Information security theory and practice: security and privacy of mobile devices in wireless communication
Addressing flaws in RFID authentication protocols
INDOCRYPT'11 Proceedings of the 12th international conference on Cryptology in India
A new framework for privacy of RFID path authentication
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
An Ownership Transfer Scheme Using Mobile RFIDs
Wireless Personal Communications: An International Journal
Security and Privacy Analysis of Song---Mitchell RFID Authentication Protocol
Wireless Personal Communications: An International Journal
Hi-index | 0.00 |
In RFIDSec'08, Song proposed an ownership transfer scheme, which consists of an ownership transfer protocol and a secret update protocol [7]. The ownership transfer protocol is completely based on a mutual authentication protocol proposed in WiSec'08 [8]. In Rizomiliotis et al. (2009) [6], van Deursen and Radomirovic (2008), the first weaknesses to be identified (tag and server impersonation) were addressed and this paper completes the consideration of them all. We find that the mutual authentication protocol, and therefore the ownership transfer protocol, possesses certain weaknesses related to most of the security properties initially required in protocol design: tag information leakage, tag location tracking, and forward traceability. Moreover, the secret update protocol is not immune to de-synchronization attacks.