RFIDSec 2013: Radio Frequency Identification pp 57-68 | Cite as
Desynchronization and Traceability Attacks on RIPTA-DA Protocol
Abstract
Recently Gao et al. proposed a lightweight RFID mutual authentication protocol [3] to resist against intermittent position trace attacks and desynchronization attacks and called it RIPTA-DA. They also verified their protocol’s security by data reduction method with the learning parity with noise (LPN) and also formally verified the functionality of the proposed scheme by Colored Petri Nets. In this paper, we investigate RIPTA-DA’s security. We present an efficient secret disclosure attack against the protocol which can be used to mount both de-synchronization and traceability attacks against the protocol. Thus our attacks show that RIPTA-DA protocol is not a RIPTA-DA.
Keywords
RFID Security Disclosure attack Intermittence position trace attack Desynchronization attackNotes
Acknowledgments
We would like to thank anonymous reviewers for useful comments.
References
- 1.Bagheri, N., Safkhani, M., Peris-Lopez, P., Tapiador, J.E.: Weaknesses in a new ultralightweight RFID authentication protocol with permutation-RAPP. Secur. Commun. Networks (2013). doi: 10.1002/sec.803
- 2.Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M., Seurin, Y., Vikkelsoe, C.: PRESENT: an ultra-lightweight block cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)Google Scholar
- 3.Gao, L., Ma, M., Shu, Y., Wei, Y.: A security protocol resistant to intermittent position trace attacks and desynchronization attacks in RFID systems. Wirel. Pers. Commun. 68(4), 1943–1959 (2013)CrossRefGoogle Scholar
- 4.Hung-Yu, C.: SASI: a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans. Dependable Secure Comput. 4(4), 337–340 (2007)CrossRefGoogle Scholar
- 5.Information technology Radio frequency identification for item management. Part 6: parameters for air interface communications at 860 MHz to 960 MHz. http://www.iso.org (2005)
- 6.Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E., Ribagorda, A.: Advances in ultralightweight cryptography for low-cost RFID tags: gossamer protocol. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 56–68. Springer, Heidelberg (2008)Google Scholar
- 7.Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: EMAP: an efficient mutual-authentication protocol for low-cost RFID tags. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4277, pp. 352–361. Springer, Heidelberg (2006)Google Scholar
- 8.Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: RFID specification revisited. In: The Internet of Things: From RFID to the Next-Generation Pervasive Networked Systems, pp. 311–346. Taylor & Francis, Bristol (2008)Google Scholar
- 9.Qian, Z., Chen, C., You, I., Lu, S.: ACSP: a novel security protocol against counting attack for UHF RFID systems. Comput. Math. Appl. 63(2), 492–500 (2012)CrossRefGoogle Scholar
- 10.Safkhani, M., Peris-Lopez, P., Bagheri, N., Naderi, M., Hernandez-Castro, J.C.: On the security of Tan et al. serverless RFID authentication and search protocols. In: Hoepman, J.-H., Verbauwhede, I. (eds.) RFIDSec 2012. LNCS, vol. 7739, pp. 1–19. Springer, Heidelberg (2013)Google Scholar
- 11.Sun, H.-M., Ting, W.-C.: A Gen2-based RFID authentication protocol for security and privacy. IEEE Trans. Mob. Comput. 8(8), 1052–1062 (2009)CrossRefGoogle Scholar
- 12.Tan, C.C., Sheng, B., Li, Q.: Secure and serverless RFID authentication and search protocols. IEEE Trans. Wireless Commun. 7(4), 1400–1407 (2008)CrossRefGoogle Scholar
- 13.Tian, Y., Chen, G., Li, J.: A new ultralightweight RFID authentication protocol with permutation. IEEE Commun. Lett. 16(5), 702–705 (2012)CrossRefGoogle Scholar