Weaknesses in Two RFID Authentication Protocols

  • Noureddine Chikouche
  • Foudil Cherif
  • Pierre-Louis Cayrel
  • Mohamed Benmohammed
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9084)


One of the most important challenges related to Radio Frequency Identification (RFID) systems is security. In this paper, we analyze the security and performance of two recent RFID authentication protocols based on two different code-based cryptography schemes. The first one, proposed by Malek and Miri, is based on randomized McEliece cryptosystem. The second one, proposed by Li et al., is based on Quasi Cyclic-Moderate Density Parity Check (QC-MDPC) McEliece cryptosystem. We provide enough evidence to prove that these two RFID authentication protocols are not secure. Furthermore, we propose an improved protocol that eliminates existing weaknesses in studied protocols.


McEliece cryptosystem RFID Authentication protocol Desynchronization attack Traceability attack 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Berger, T.P., Cayrel, P.-L., Gaborit, P., Otmani, A.: Reducing key length of the mcEliece cryptosystem. In: Preneel, B. (ed.) AFRICACRYPT 2009. LNCS, vol. 5580, pp. 77–97. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  2. 2.
    Chien, H., Laih, C.: Ecc-based lightweight authentication protocol with untraceability for low-cost RFID. J. Parallel Distrib. Comput. 69(10), 848–853 (2009)CrossRefGoogle Scholar
  3. 3.
    Cui, Y., Kobara, K., Matsuura, K., Imai, H.: Lightweight asymmetric privacy-preserving authentication protocols secure against active attack. IEICE Transactions 91-D(5), 1457–1465 (2008)Google Scholar
  4. 4.
    van Deursen, T., Mauw, S., Radomirović, S.: Untraceability of RFID protocols. In: Onieva, J.A., Sauveron, D., Chaumette, S., Gollmann, D., Markantonakis, K. (eds.) WISTP 2008. LNCS, vol. 5019, pp. 1–15. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  5. 5.
    Li, Z., Zhang, R., Yang, Y., Li, Z.: A provable secure mutual RFID authentication protocol based on error-correct code. In: Proceedings of 2014 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery, pp. 73–78. IEEE (2014)Google Scholar
  6. 6.
    Malek, B., Miri, A.: Lightweight mutual RFID authentication. In: Proceedings of IEEE ICC 2012, pp. 868–872. IEEE (2012)Google Scholar
  7. 7.
    McEliece, R.J.: A public-key system based on algebraic coding theory. Tech. Rep. 44, Jet Propulsion Lab, DSN Progress Report (1978)Google Scholar
  8. 8.
    Misoczki, R., Barreto, P.M.: Compact McEliece keys from Goppa codes. In: Jacobson Jr., M.J., Rijmen, V., Safavi-Naini, R. (eds.) SAC 2009. LNCS, vol. 5867, pp. 376–392. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  9. 9.
    Misoczki, R., Tillich, J.P., Sendrier, N., Barreto, P.S.L.M.: MDPC-McEliece: New McEliece Variants from Moderate Density Parity-Check Codes. In: Cryptology ePrint Archive, Report 2012/409 (2012)Google Scholar
  10. 10.
    Nojima, R., Imai, H., Kobara, K., Morozov, K.: Semantic security for the McEliece cryptosystem without random oracles. Designs, Codes and Cryptography 49(1-3), 289–305 (2008)CrossRefzbMATHMathSciNetGoogle Scholar
  11. 11.
    Overbeck, R., Sendrier, N.: Code-based cryptography. In: Post-Quantum Cryptography, pp. 95–145. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  12. 12.
    Sekino, T., Cui, Y., Kobara, K., Imai, H.: Privacy enhanced RFID using Quasi-Dyadic fix domain shrinking. In: Proceedings of Global Telecommunications Conference, GLOBECOM 2010, pp. 1–5. IEEE (2010)Google Scholar
  13. 13.
    Suzuki, M., Kobara, K., Imai, H.: Privacy enhanced and light weight RFID system without tag synchronization and exhaustive search. In: Proceedings of the IEEE International Conference on Systems, Man and Cybernetics, pp. 1250–1255. IEEE (2006)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Noureddine Chikouche
    • 1
  • Foudil Cherif
    • 2
  • Pierre-Louis Cayrel
    • 3
  • Mohamed Benmohammed
    • 4
  1. 1.Computer Science DepartmentUniversity of M’silaM’silaAlgeria
  2. 2.Computer Science Department, LESIA LaboratoryUniversity of BiskraBiskraAlgeria
  3. 3.Laboratoire Hubert Curien, UMR CNRS 5516Saint-ÉtienneFrance
  4. 4.LIRE LaboratoryUniversity of Constantine 2ConstantineAlgeria

Personalised recommendations