Cryptanalaysis of an EPCC1G2 Standard Compliant Ownership Transfer Scheme

Authors:
Jorge Munilla;Fuchun Guo;Willy Susilo
Affiliations:
E.T.S.I. Telecomunicación, University of Málaga, Málaga, Spain;School of Computer Science and Software Engineering, University of Wollongong, Wollongong, Australia;School of Computer Science and Software Engineering, University of Wollongong, Wollongong, Australia
Venue:
Wireless Personal Communications: An International Journal
Year:
2013

Citing 13
Cited 0

Handbook of Applied Cryptography

Handbook of Applied Cryptography
RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification

RFID Handbook: Fundamentals and Applications in Contactless Smart Cards and Identification
RFID and Contactless Smart Card Applications

RFID and Contactless Smart Card Applications
Defining Strong Privacy for RFID

PERCOMW '07 Proceedings of the Fifth IEEE International Conference on Pervasive Computing and Communications Workshops
Security in RFID and Sensor Networks

Security in RFID and Sensor Networks
On privacy models for RFID

ASIACRYPT'07 Proceedings of the Advances in Crypotology 13th international conference on Theory and application of cryptology and information security
Lightweight RFID authentication with forward and backward security

ACM Transactions on Information and System Security (TISSEC)
Practical RFID ownership transfer scheme

Journal of Computer Security - 2010 Workshop on RFID Security (RFIDSec'10 Asia)
Multi-tag and multi-owner RFID ownership transfer in supply chains

Decision Support Systems
A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags

SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
A scalable RFID authentication protocol supporting ownership transfer and controlled delegation

RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
Single RFID Tag Ownership Transfer Protocols

IEEE Transactions on Systems, Man, and Cybernetics, Part C: Applications and Reviews
An Ownership Transfer Scheme Using Mobile RFIDs

Wireless Personal Communications: An International Journal

Quantified Score

Hi-index	0.00

Visualization

Abstract

Recently, Chen and Chien have proposed a novel ownership transfer scheme with low implementation costs and conforming to the EPC Class-1 Generation-2 standard. The authors claimed that the proposed scheme is able to resist all attacks, and hence it has better security and performance than its predecessors. However, in this paper we show that the protocol fails short of its security objectives, and it is even less secure than the previously proposed schemes. In fact, we describe several attacks which allow to recover all the secret information stored in the tag. Obviously, once this information is known, tags can be easily traced and impersonated.