论文信息 - Weaknesses in a Recent Ultra-Lightweight RFID Authentication Protocol

Weaknesses in a Recent Ultra-Lightweight RFID Authentication Protocol

In this paper we show weaknesses in SASI, a new Ultra-Lightweight RFID Authentication Protocol, designed for providing Strong Authentication and Strong Integrity. We identify three attacks, namely, a de-synchronisation attack, through which an adversary can break the synchronisation between the RFID Reader and the Tag, an identity disclosure attack, through which an adversary can compute the identity of the Tag, and a full disclosure attack, which enables an adversary to retrieve all secret data stored in the Tag. The attacks are effective and efficient.

Alfredo De Santis | Paolo D'Arco

[1] Simson L. Garfinkel,et al. RFID privacy: an overview of problems and proposed solutions , 2005, IEEE Security & Privacy Magazine.

[2] Hung-Yu Chien,et al. SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity , 2007, IEEE Transactions on Dependable and Secure Computing.

[3] Robert H. Deng,et al. Vulnerability Analysis of EMAP-An Efficient RFID Mutual Authentication Protocol , 2007, The Second International Conference on Availability, Reliability and Security (ARES'07).

[4] Zahir Tari,et al. On The Move to Meaningful Internet Systems 2003: OTM 2003 Workshops , 2003, Lecture Notes in Computer Science.

[5] Juan E. Tapiador,et al. EMAP: An Efficient Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, OTM Workshops.

[6] Ari Juels. The Vision of Secure RFID , 2007 .

[7] Hung-Yu Chien,et al. Security of ultra-lightweight RFID authentication protocols and its improvements , 2007, OPSR.

[8] Tieyan Li,et al. Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols , 2007, SEC.

[9] Juan E. Tapiador,et al. M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.