EC-RAC: Enriching a Capacious RFID Attack Collection

  • Ton van Deursen
  • Saša Radomirović
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6370)

Abstract

We demonstrate two classes of attacks on EC-RAC, a growing set of RFID protocols. Our first class of attacks concerns the compositional approach used to construct a particular revision of EC-RAC. We invalidate the authentication and privacy claims made for that revision.

We discuss the significance of the fact that RFID privacy is not compositional in general.

Our second class of attacks applies to all versions of EC-RAC and reveals hitherto unknown vulnerabilities in the latest version of EC-RAC. It is a general man-in-the-middle attack executable by a weak adversary.

We show a general construction for improving narrow-weak private protocols to wide-weak private protocols and indicate specific improvements for the flaws of EC-RAC exhibited in this document.

Keywords

RFID attacks privacy authentication compositionality 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    van Deursen, T., Radomirović, S.: Attacks on RFID protocols (version 1.1). Cryptology ePrint Archive, Report 2008/310 (August 2009), http://eprint.iacr.org/2008/310
  2. 2.
    Heintze, N., Tygar, J.D.: A model for secure protocols and their compositions. IEEE Trans. Software Eng. 22(1), 16–30 (1996)CrossRefGoogle Scholar
  3. 3.
    Kelsey, J., Schneier, B., Wagner, D.: Protocol interactions and the chosen protocol attack. In: Security Protocols Workshop, pp. 91–104 (1997)Google Scholar
  4. 4.
    Canetti, R.: Universally composable security: A new paradigm for cryptographic protocols. In: FOCS, pp. 136–145 (2001)Google Scholar
  5. 5.
    Andova, S., Cremers, C., Gjøsteen, K., Mauw, S., Mjølsnes, S., Radomirović, S.: A framework for compositional verification of security protocols. Information and Computation 206, 425–459 (2008)MATHCrossRefMathSciNetGoogle Scholar
  6. 6.
    Cremers, C.: Feasibility of multi-protocol attacks. In: Proc. of The First International Conference on Availability, Reliability and Security (ARES), pp. 287–294. IEEE Computer Society, Austria (April 2006)CrossRefGoogle Scholar
  7. 7.
    Tzeng, W.G., Hu, C.M.: Inter-protocol interleaving attacks on some authentication and key distribution protocols. Inf. Process. Lett. 69(6), 297–302 (1999)MATHCrossRefGoogle Scholar
  8. 8.
    Lee, Y., Batina, L., Verbauwhede, I.: Untraceable RFID authentication protocols: Revision of EC-RAC. In: IEEE International Conference on RFID – RFID 2009, Orlando, Florida, USA, pp. 178–185 (April 2009)Google Scholar
  9. 9.
    Lee, Y.K., Batina, L., Verbauwhede, I.: EC-RAC (ECDLP based randomized access control): Provably secure RFID authentication protocol. In: Proceedings of the 2008 IEEE International Conference on RFID, pp. 97–104 (2008)Google Scholar
  10. 10.
    Lee, Y.K., Batina, L., Singelée, D., Verbauwhede, I.: Low-cost untraceable authentication protocols for RFID. In: 3rd ACM Conference on Wireless Network Security, WiSec 2010 (2010)Google Scholar
  11. 11.
    Lee, Y.K., Batina, L., Singelée, D., Verbauwhede, I.: Wide-weak privacy-preserving RFID authentication protocols. In: The 2nd International Conference on Mobile Lightweight Wireless Systems, Mobilight 2010. Springer, Heidelberg (2010)Google Scholar
  12. 12.
    Avoine, G.: Adversary model for radio frequency identification. Technical Report LASEC-REPORT-2005-001, Swiss Federal Institute of Technology (EPFL), Security and Cryptography Laboratory (LASEC), Lausanne, Switzerland (September 2005)Google Scholar
  13. 13.
    Juels, A., Weis, S.: Defining strong privacy for RFID. In: International Conference on Pervasive Computing and Communications, PerCom 2007, pp. 342–347. IEEE Computer Society Press, New York (March 2007)Google Scholar
  14. 14.
    Vaudenay, S.: On privacy models for RFID. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 68–87. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  15. 15.
    van Deursen, T., Mauw, S., Radomirović, S.: Untraceability of RFID protocols. In: Onieva, J.A., Sauveron, D., Chaumette, S., Gollmann, D., Markantonakis, K. (eds.) WISTP 2008. LNCS, vol. 5019, pp. 1–15. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  16. 16.
    Ha, J., Moon, S., Zhou, J., Ha, J.: A new formal proof model for RFID location privacy. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 267–281. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  17. 17.
    Ma, C., Li, Y., Deng, R.H., Li, T.: RFID privacy: relation between two notions, minimal condition, and efficient construction. In: ACM Conference on Computer and Communications Security, pp. 54–65 (2009)Google Scholar
  18. 18.
    Damgård, I., Pedersen, M.Ø.: RFID security: Tradeoffs between security and efficiency. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 318–332. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  19. 19.
    Bringer, J., Chabanne, H., Icart, T.: Cryptanalysis of EC-RAC, a RFID identification protocol. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) CANS 2008. LNCS, vol. 5339, pp. 149–161. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  20. 20.
    van Deursen, T., Radomirović, S.: Algebraic attacks on RFID protocols. In: Markowitch, O., Bilas, A., Hoepman, J.-H., Mitchell, C.J., Quisquater, J.-J. (eds.) Information Security Theory and Practice. Smart Devices, Pervasive Systems, and Ubiquitous Networks. LNCS, vol. 5746, pp. 38–51. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  21. 21.
    Fan, J., Hermans, J., Vercauteren, F.: On the claimed privacy of EC-RAC III. Cryptology ePrint Archive, Report 2010/132 (2010), http://eprint.iacr.org/
  22. 22.
    Song, B.: RFID Tag Ownership Transfer. In: Workshop on RFID Security, RFIDSec 2008, Budapest, Hungary (July 2008)Google Scholar
  23. 23.
    Dimitriou, T.: rfidDOT: RFID delegation and ownership transfer made simple. In: Proc. 4th International Conference on Security and Privacy in Communication Networks, pp. 1–8. ACM, New York (September 2008)CrossRefGoogle Scholar
  24. 24.
    van Deursen, T., Mauw, S., Radomirović, S., Vullers, P.: Secure ownership and ownership transfer in RFID systems. In: Backes, M., Ning, P. (eds.) ESORICS 2009. LNCS, vol. 5789, pp. 637–654. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  25. 25.
    Lowe, G.: A hierarchy of authentication specifications. In: 10th Computer Security Foundations Workshop (CSFW 1997), June 10-12, pp. 31–44. IEEE Computer Society, USA (1997)CrossRefGoogle Scholar
  26. 26.
    Cremers, C.: Scyther - Semantics and Verification of Security Protocols. Ph.D. dissertation, Eindhoven University of Technology (2006)Google Scholar
  27. 27.
    Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: 14th IEEE Computer Security Foundations Workshop (CSFW), pp. 82–96. IEEE Computer Society, Los Alamitos (2001)CrossRefGoogle Scholar
  28. 28.
    Backes, M., Pfitzmann, B., Waidner, M.: Limits of the BRSIM/UC soundness of Dolev-Yao models with hashes. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 404–423. Springer, Heidelberg (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Ton van Deursen
    • 1
  • Saša Radomirović
    • 1
  1. 1.University of LuxembourgLuxembourg

Personalised recommendations