Attacks on RFID Protocols Ton van

This document consists of a description of attack methodologies and a collection of detailed attacks upon RFID protocols. It is meant to serve as a quick and easy reference and it will be updated as new attacks are found. Currently the only attacks on protocols shown in full detail are the authors’ original attacks with references to similar attacks on other protocols. The main security properties considered are authentication, untraceability, and desynchronization resistance.

[1]  Sjouke Mauw,et al.  Secure Ownership and Ownership Transfer in RFID Systems , 2009, ESORICS.

[2]  Kwangjo Kim,et al.  A Scalable and Untraceable Authentication Protocol for RFID , 2006, EUC Workshops.

[3]  Tsuyoshi Takagi,et al.  An Efficient and Secure RFID Security Method with Ownership Transfer , 2006, 2006 International Conference on Computational Intelligence and Security.

[4]  Ari Juels,et al.  Defining Strong Privacy for RFID , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[5]  Pedro Peris-López,et al.  LMAP : A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags , 2006 .

[6]  Nai-Wei Lo,et al.  Novel RFID Authentication Schemes for Security Enhancement and System Efficiency , 2007, Secure Data Management.

[7]  Cas J. F. Cremers,et al.  Operational Semantics of Security Protocols , 2003, Scenarios: Models, Transformations and Tools.

[8]  Ari Juels,et al.  Authenticating Pervasive Devices with Human Protocols , 2005, CRYPTO.

[9]  Joshua D. Guttman,et al.  Strand spaces: why is a security protocol correct? , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[10]  L. Batina,et al.  EC-RAC (ECDLP Based Randomized Access Control): Provably Secure RFID authentication protocol , 2008, 2008 IEEE International Conference on RFID.

[11]  Serge Vaudenay,et al.  Mutual authentication in RFID: security and privacy , 2008, ASIACCS '08.

[12]  T. Sejnowski,et al.  RFID authentication protocol for low-cost tags , 2001 .

[13]  Basel Alomair,et al.  Passive Attacks on a Class of Authentication Protocols for RFID , 2007, ICISC.

[14]  Kevin Fu,et al.  Cryptanalysis of Two Lightweight RFID Authentication Schemes , 2007, Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW'07).

[15]  Yingjiu Li,et al.  Protecting RFID communications in supply chains , 2007, ASIACCS '07.

[16]  Kwangjo Kim,et al.  RFID mutual Authentication Scheme based on Synchronized Secret Information , 2006 .

[17]  Juan E. Tapiador,et al.  EMAP: An Efficient Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, OTM Workshops.

[18]  Dong Hoon Lee,et al.  Secure Mobile RFID system against privacy and security problems , 2007, Third International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU 2007).

[19]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[20]  István Vajda,et al.  Lightweight Authentication Protocols for Low-Cost RFID Tags , 2003 .

[21]  Dong Hoon Lee,et al.  Efficient RFID Authentication Protocol for Ubiquitous Computing Environment , 2005, EUC Workshops.

[22]  Juan E. Tapiador,et al.  Cryptanalysis of a novel authentication protocol conforming to EPC-C1G2 standard , 2009, Comput. Stand. Interfaces.

[23]  Hung-Yu Chien,et al.  A Lightweight RFID Protocol Using Substring , 2007, EUC.

[24]  JaeCheol Ha,et al.  Security Analysis and Enhancement of One-Way Hash Based Low-Cost Authentication Protocol (OHLCAP) , 2007, PAKDD Workshops.

[25]  Sasa Radomirovic,et al.  Security of RFID Protocols - A Case Study , 2009, STM@IFIPTM.

[26]  Tieyan Li,et al.  Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols , 2007, SEC.

[27]  Serge Vaudenay,et al.  On Privacy Models for RFID , 2007, ASIACRYPT.

[28]  JaeCheol Ha,et al.  Low-Cost and Strong-Security RFID Authentication Protocol , 2007, EUC Workshops.

[29]  Julien Bringer,et al.  Cryptanalysis of EC-RAC, a RFID Identification Protocol , 2008, CANS.

[30]  Gavin Lowe,et al.  A hierarchy of authentication specifications , 1997, Proceedings 10th Computer Security Foundations Workshop.

[31]  Juan E. Tapiador,et al.  M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags , 2006, UIC.

[32]  Ivan Damgård,et al.  RFID Security: Tradeoffs between Security and Efficiency , 2008, CT-RSA.

[33]  DaeHun Nyang,et al.  RFID Authentication Protocol with Strong Resistance Against Traceability and Denial of Service Attacks , 2005, ESAS.

[34]  Kwangjo Kim,et al.  Mutual Authentication Protocol for Low-cost RFID , 2005, CRYPTO 2005.

[35]  Sasa Radomirovic,et al.  Security of an RFID Protocol for Supply Chains , 2008, 2008 IEEE International Conference on e-Business Engineering.

[36]  Matthew J. B. Robshaw,et al.  An Active Attack Against HB +-A Provably Secure Lightweight Authentication Protocol , 2022 .

[37]  Hung-Yu Chien,et al.  Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards , 2007, Comput. Stand. Interfaces.

[38]  Nai-Wei Lo,et al.  An Efficient Mutual Authentication Scheme for EPCglobal Class-1 Generation-2 RFID System , 2007, EUC Workshops.

[39]  Roberto Di Pietro,et al.  Information Confinement, Privacy, and Security in RFID Systems , 2007, ESORICS.

[40]  Dong Hoon Lee,et al.  Secure EPCglobal Class-1 Gen-2 RFID System Against Security and Privacy Problems , 2006, OTM Workshops.

[41]  Paul Müller,et al.  Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers , 2004, IEEE Annual Conference on Pervasive Computing and Communications Workshops, 2004. Proceedings of the Second.

[42]  Sjouke Mauw,et al.  Untraceability of RFID Protocols , 2008, WISTP.

[43]  Whitfield Diffie,et al.  New Directions in Cryptography , 1976, IEEE Trans. Inf. Theory.