On the claimed privacy of EC-RAC III

Authors:
Junfeng Fan;Jens Hermans;Frederik Vercauteren
Affiliations:
Department of Electrical Engineering, COSIC, K.U. Leuven and IBBT, Leuven-Heverlee, Belgium;Department of Electrical Engineering, COSIC, K.U. Leuven and IBBT, Leuven-Heverlee, Belgium;Department of Electrical Engineering, COSIC, K.U. Leuven and IBBT, Leuven-Heverlee, Belgium
Venue:
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
Year:
2010

Citing 5
Cited 2

Efficient Identification and Signatures for Smart Cards

CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes

CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of EC-RAC, a RFID Identification Protocol

CANS '08 Proceedings of the 7th International Conference on Cryptology and Network Security
Low-cost untraceable authentication protocols for RFID

Proceedings of the third ACM conference on Wireless network security
On privacy models for RFID

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security

Hierarchical ECC-Based RFID authentication protocol

RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
Light-weight primitive, feather-weight security: a cryptanalytic knock-out

Proceedings of the Workshop on Embedded Systems Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we show how to break the most recent version of EC-RAC with respect to privacy. We show that both the ID-Transfer and ID&PWD-Transfer schemes from EC-RAC do not provide the claimed privacy levels by using a man-in-the-middle attack. The existence of these attacks voids the presented privacy proofs for EC-RAC.