Algebraic Cryptanalysis and RFID Authentication

The standardization group ISO/IEC SC31/WG7 is working on a set of cryptographic suites to provide security to wireless devices including UHF RFID tags. These cryptographic suites are presented as independent parts to a single standard ISO/IEC 29167. Within this multi-part standard 29167-15 is based around very simple operations and intended to provide tag, interrogator, and mutual authentication. Here we show that these proposals can be fully compromised using algebraic cryptanalytic techniques; the entire key can be recovered after eavesdropping on just four authentications.

[1]  Willi Meier,et al.  Fast Algebraic Attacks on Stream Ciphers with Linear Feedback , 2003, CRYPTO.

[2]  Ralf-Philipp Weinmann,et al.  Block Ciphers: Algebraic Cryptanalysis and Gröbner Bases , 2009, Gröbner Bases, Coding, and Cryptography.

[3]  Kenneth G. Paterson,et al.  Unpicking PLAID: a cryptographic analysis of an ISO-standards-track authentication protocol , 2015, International Journal of Information Security.

[4]  Martin Hell,et al.  Grain-128a: a new version of Grain-128 with optional authentication , 2011, Int. J. Wirel. Mob. Comput..

[5]  Nicolas Courtois Cryptanalysis of Sfinks , 2005, ICISC.

[6]  Jacques Stern,et al.  On the Fly Authentication and Signature Schemes Based on Groups of Unknown Order , 2006, Journal of Cryptology.

[7]  Matthew J. B. Robshaw,et al.  Algebraic Aspects of the Advanced Encryption Standard (Advances in Information Security) , 2006 .

[8]  Massimiliano Sala,et al.  Gröbner Bases, Coding, and Cryptography , 2009 .

[9]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[10]  Juan E. Tapiador,et al.  M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.

[11]  John D. Hunter,et al.  Matplotlib: A 2D Graphics Environment , 2007, Computing in Science & Engineering.

[12]  Matthew J. B. Robshaw,et al.  Algebraic aspects of the advanced encryption standard , 2006 .

[13]  Juan E. Tapiador,et al.  EMAP: An Efficient Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, OTM Workshops.

[14]  Daewan Han,et al.  Grobner Basis Attacks on Lightweight RFID Authentication Protocols , 2011, J. Inf. Process. Syst..