论文信息 - Weaknesses in a new ultralightweight RFID authentication protocol with permutation - RAPP

Weaknesses in a new ultralightweight RFID authentication protocol with permutation - RAPP

Tian et al. proposed a novel ultralightweight RFID mutual authentication protocol [1] that has recently been analyzed in several articles. In this letter, we first propose a desynchronization attack that succeeds with probability almost 1, which improves upon the 0.25 given in a previous analysis by Ahmadian et al. We also show that the bad properties of the proposed permutation function can be exploited to disclose several bits of the tag's secret rather than just 1bit as previously shown by Avoine et al., which increases the power of a traceability attack. Finally, we show how to extend the aforementioned attack to run a full disclosure attack, which requires to eavesdrop less protocol runs than the proposed attack by Wang et al. i.e., 192<<2 30. Copyright © 2013 John Wiley & Sons, Ltd.

Masoumeh Safkhani | Nasour Bagheri | Juan E. Tapiador | Pedro Peris-Lopez

[1] Mohammad Reza Aref,et al. Desynchronization attack on RAPP ultralightweight authentication protocol , 2013, Inf. Process. Lett..

[2] Raphael C.-W. Phan,et al. Cryptanalysis of a New Ultralightweight RFID Authentication Protocol—SASI , 2009, IEEE Transactions on Dependable and Secure Computing.

[3] Yun Tian,et al. A New Ultralightweight RFID Authentication Protocol with Permutation , 2012, IEEE Communications Letters.

[4] Gildas Avoine,et al. Yet Another Ultralightweight Authentication Protocol That Is Broken , 2011, RFIDSec.

[5] Sujuan Liu,et al. Security Analysis of RAPP An RFID Authentication Protocol based on Permutation , 2012, IACR Cryptol. ePrint Arch..