Secure Human Identification Protocols
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards
Computer Standards & Interfaces
Defining Strong Privacy for RFID
PERCOMW '07 Proceedings of the Fifth IEEE International Conference on Pervasive Computing and Communications Workshops
IEEE Transactions on Dependable and Secure Computing
A Minimalist Mutual Authentication Protocol for RFID System & BAN Logic Analysis
CCCM '08 Proceedings of the 2008 ISECS International Colloquium on Computing, Communication, Control, and Management - Volume 02
Cryptanalysis of a novel authentication protocol conforming to EPC-C1G2 standard
Computer Standards & Interfaces
Advances in Ultralightweight Cryptography for Low-Cost RFID Tags: Gossamer Protocol
Information Security Applications
Vulnerability of an RFID authentication protocol conforming to EPC Class 1 Generation 2 Standards
Computer Standards & Interfaces
Cryptanalysis of a New Ultralightweight RFID Authentication Protocol—SASI
IEEE Transactions on Dependable and Secure Computing
Authenticating pervasive devices with human protocols
CRYPTO'05 Proceedings of the 25th annual international conference on Advances in Cryptology
Hi-index | 0.00 |
The design of secure authentication solutions for low-cost RFID tags is still an open and quite challenging problem, though many algorithms have been published lately. In this paper, we analyze two recent proposals in this research area. First, Mitra's scheme is scrutinized, revealing its vulnerability to cloning and traceability attacks, which are among the security objectives pursued in the protocol definition [1]. Later, we show how the protocol is vulnerable against a full disclosure attack after eavesdropping a small number of sessions. Then, we analyze a new EPC-friendly scheme conforming to EPC Class-1 Generation-2 specification (ISO/IEC 180006-C), introduced by Qingling and Yiju [2]. This proposal attempts to correct many of the well known security shortcomings of the standard, and even includes a BAN logic based formal security proof. However, notwithstanding this formal security analysis, we show that Qingling et al.'s protocol offers roughly the same security as the standard they try to improve, is vulnerable to tag and reader impersonation attacks, and allows tag traceability.