Defining Strong Privacy for RFID
PERCOMW '07 Proceedings of the Fifth IEEE International Conference on Pervasive Computing and Communications Workshops
Security of ultra-lightweight RFID authentication protocols and its improvements
ACM SIGOPS Operating Systems Review
IEEE Transactions on Dependable and Secure Computing
Architectural Solutions for Mobile RFID Services for the Internet of Things
SERVICES '08 Proceedings of the 2008 IEEE Congress on Services - Part I
A Survey of RFID Authentication Protocols Based on Hash-Chain Method
ICCIT '08 Proceedings of the 2008 Third International Conference on Convergence and Hybrid Information Technology - Volume 02
Smart Home Mobile RFID-Based Internet-of-Things Systems and Services
ICACTE '08 Proceedings of the 2008 International Conference on Advanced Computer Theory and Engineering
The Internet of Things in an Enterprise Context
Future Internet --- FIS 2008
Building the Internet of Things Using RFID: The RFID Ecosystem Experience
IEEE Internet Computing
The Internet of Things: A survey
Computer Networks: The International Journal of Computer and Telecommunications Networking
A Two-Step Mutual Authentication Protocol Based on Randomized Hash-Lock for Small RFID Networks
NSS '10 Proceedings of the 2010 Fourth International Conference on Network and System Security
Strong authentication and strong integrity (SASI) is not that strong
RFIDSec'10 Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues
Efficient RNTS system for privacy of banking off-line customer
The Journal of Supercomputing
Pushing the limits: a very compact and a threshold implementation of AES
EUROCRYPT'11 Proceedings of the 30th Annual international conference on Theory and applications of cryptographic techniques: advances in cryptology
A case against currently used hash functions in RFID protocols
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part I
RFID security and privacy: a research survey
IEEE Journal on Selected Areas in Communications
Hi-index | 0.00 |
Internet of Things is a paradigm that enables communication between different devices connected to a local network or to Internet. Identification and communication between sensors used in Internet of Things and devices like smart-phones or tablets are established using radio frequency identification technology. However, this technology still has several security and privacy issues because of its severe computational constraints. In 2011, Jeong and Anh proposed the combined use of an authentication radio frequency identification protocol together with a ticket issuing system for bank services (in J. Supercomput. 55:307, 2011). In this paper we show that their message generation is weak, because it abuses the XOR operation and the use of a counter, which leaks too much secret protocol information. Our analysis shows important security faults that ruin most of the security properties claimed in the original paper. More precisely, information privacy (via a disclosure and leakage attack) and location privacy (traceability attack) are both compromised. Moreover, an attacker can disrupt the proper working of the system by exploiting the fact that message integrity is not properly checked.