Non-standard Attacks against Cryptographic Protocols, with an Example over a Simplified Mutual Authentication Protocol

  • Julio C. Hernandez-Castro
  • Juan M. E. Tapiador
  • Arturo Ribagorda
Part of the Communications in Computer and Information Science book series (CCIS, volume 14)


In this work, we present a simple model for the automated cryptanalysis of cryptographic protocols based on meta-heuristic search. We illustrate our approach with a straightforward application in the form of an attack against a slightly simplified version of an ultra-lightweight authentication protocol for RFID environments called SASI. We show how an attack based on Simulated Annealing can efficiently recover the tag’s secret ID, which is the value the protocol is designed to conceal.





Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Julio C. Hernandez-Castro (1)
  • Juan M. E. Tapiador (1)
  • Arturo Ribagorda (1)

  1. Department of Computer Science, Carlos III University of Madrid, Spain
