Abstract
Radio frequency identification (RFID) tag delegation enables a centralized back-end server to delegate the right to identify and authenticate a tag to specified readers. This should be used to mitigate the computational load on the server side and also to solve the issues in terms of latency and dependency on network connectivity. In this study, we describe a basic RFID delegation architecture and then under this model, we investigate the security of an RFID delegation protocol: Song Mitchell delegation (SMD), which is recently proposed by Song and Mitchell. We point out security flaws that have gone unnoticed in the design and present two attacks namely, a tag impersonation attack and a desynchronization attack against it. We also discover a subtle flaw by which a delegated entity can still keep its delegation rights after the expire of them—this infringes security policy of the scheme. More precisely, we show that the protocol will be still vulnerable to previously mentioned attacks, even if the back-end server ends the delegation right of a delegated reader and update the secrets of the delegated tags. To counteract such flaws, we improve the SMD protocol with a stateful variant so that it provides the claimed security properties.
Similar content being viewed by others
Notes
The same authentication steps are also done between an online reader and a tag as long as there exits corresponding tag identifers in the server list and c ≠ 0.
References
Ohkubo M, Suzuki K, Kinoshita S (2003) Cryptographic approach to "privacy-friendly" tags. In: RFID privacy workshop. MIT, MA
Henrici D, Müller P (2004) Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers. In: International workshop on pervasive computing and communication security—PerSec 2004. IEEE Computer Society, Florida, USA, pp 149–153
Molnar D, Wagner D (2004) Privacy and security in Library RFID: issues, practices, and architectures. In: Conference on computer and communications security. ACM CCS, Washington DC, USA, pp 210–219
Rhee K, Kwak J, Kim S, Won D (2005) Challenge-response based RFID authentication protocol for distributed database environment. In: International conference on security in pervasive computing—SPC 2005. Lecture Notes in Computer Science, Springer-Verlag 3450:70–84
Dimitriou T (2005) A lightweight RFID protocol to protect against traceability and cloning attacks. In: Conference on security and privacy for emerging areas in communication networks—securecomm, Athens, Greece
Karthikeyan S, Nesterenko N (2005) RFID security without extensive cryptography. In: Workshop on security of Ad Hoc and sensor networks—SASN’05. Alexandria, Virginia, USA, pp 63–67
Duc DN, Park J, Lee H, Kim K (2006) Enhancing security of EPCglobal Gen-2 RFID tag against traceability and cloning. In: Symposium on cryptography and information security. Hiroshima, Japan
Chien H, Chen C (2007) Mutual authentication protocol for RFID conforming to EPC class 1 generation 2 standards. Comput Stand Interfaces 29(2):254–259
Ha JC, Moon SJ, Nieto JMG, Boyd C (2007) Low-cost and strong-security RFID authentication protocol. In: EUC workshops. Lecture Notes in Computer Science, Springer-Verlag 4809:795–807
Tsudik G (2007) A family of dunces: trivial RFID identification and authentication protocols. Cryptology ePrint Archive, Report 2006/015
Song B, Mitchell CJ (2008) RFID authentication protocol for low-cost tags. In: ACM conference on wireless network security—WiSec’08. ACM Press, Virginia, USA, pp 140–147
Shaoying C, Li Y, Li T, Deng R (2009) Attacks and improvements to an RFID mutual authentication protocol and its extensions. In: Proceedings of the second ACM conference on wireless network security—WiSec’09. Zurich, Switzerland
Avoine G (2010) RFID security & privacy lounge. http://www.avoine.net/rfid
Zhang Y, Kitsos P (2009) Security in RFID and sensor networks. Auerbach Publications, MA
Song B, Mitchell CJ (2011) Scalable RFID security protocols supporting tag ownership transfer. Comput Commun 34:556–566
Fouladgar S, Afifi H (2007) An efficient delegation and transfer of ownership protocol for RFID tags. In: First international EURASIP workshop on RFID technology. Vienna, Austria
Molnar D, Soppera A, Wagner D (2005) A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags. In: Selected areas in cryptography—SAC 2005. Lecture Notes in Computer Science, Springer-Verlag 3897:276–290
Lim C, Kwon T (2006) Strong and robust RFID authentication enabling perfect ownership transfer. In: Conference on information and communications security—ICICS’06. Lecture Notes in Computer Science, Springer-Verlag 4307:1–20
Fouladgar S, Afifi H (2007) A simple privacy protecting scheme enabling delegation and ownership transfer for RFID tags. J Commun 2(6):6–13
Avoine G, Lauradoux C, Martin T (2009) When compromised readers meet RFID. In: Workshop on information security applications—WISA’09. Lecture Notes in Computer Science, Springer-Verlag 5932:36–50
Avoine G, Oechslin P (2005) RFID traceability: a multilayer problem. In: Financial cryptography—FC’05. Lecture Notes in Computer Science, Springer-Verlag 3570:125–140
Karygiannis A., Phillips T, Tsibertzopoulos A (2006) RFID security: a taxonomy of risk. In: Proceedings of the 1st international conference on communications and networking in China—ChinaCom’06, October 2006, Beijing, China, pp 1–7
Burmester M, de Medeiros B (2007) RFID security: attacks, countermeasures and challenges. In: Proceedings of the 5th RFID academic convocation. The RFID Journal Conference
van Deursen T, Radomirovic S (2009) Attacks on RFID protocols. Cryptology ePrint Archive, Report 2008/310
Mitrokotsa A, Rieback MR, Tanenbaum AS (2010) Classifying RFID attacks and defenses. Inf Syst Frontiers 12(5):491–505
Avoine G (2005) Adversarial model for radio frequency identification. Cryptology ePrint Archieve, Report 2005/049
Vaudenay S (2007) On privacy models for RFID. In Advances in Cryptology – ASIACRYPT 2007. Lecture Notes in Computer Science, Springer-Verlag 4833:68–87
Juels A, Weis S, (2007) Defining strong privacy for RFID. In: Proceedings of IEEE PerCom’07, pp 342–347
Ouafi K, Phan RC–W, (2008) Traceable privacy of recent provably–secure RFID protocols, In: Proceedings of the 6th international conference on applied cryptography and network security. NewYork, NY, USA, pp 479–489
Acknowledgments
The authors would like to thank the anonymous reviewers for their valuable comments and suggestions on this work.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Erguler, I., Anarim, E. Security flaws in a recent RFID delegation protocol. Pers Ubiquit Comput 16, 337–349 (2012). https://doi.org/10.1007/s00779-011-0393-1
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00779-011-0393-1