Weaknesses in Two Recent Lightweight RFID Authentication Protocols

  • Pedro Peris-Lopez
  • Julio C. Hernandez-Castro
  • Juan M. E. Tapiador
  • Tieyan Li
  • Jan C. A. van der Lubbe
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6151)


The design of secure authentication solutions for low-cost RFID tags is still an open and quite challenging problem, though many algorithms have been published lately. In this paper, we analyze two recent proposals in this research area. First, Mitra’s scheme is scrutinized, revealing its vulnerability to cloning and traceability attacks, which are among the security objectives pursued in the protocol definition [1]. Later, we show how the protocol is vulnerable against a full disclosure attack after eavesdropping a small number of sessions. Then, we analyze a new EPC-friendly scheme conforming to EPC Class-1 Generation-2 specification (ISO/IEC 180006-C), introduced by Qingling and Yiju [2]. This proposal attempts to correct many of the well known security shortcomings of the standard, and even includes a BAN logic based formal security proof. However, notwithstanding this formal security analysis, we show that Qingling et al.’s protocol offers roughly the same security as the standard they try to improve, is vulnerable to tag and reader impersonation attacks, and allows tag traceability.


RFID EPC Cloning Traceability Impersonation Cryptanalysis BAN Proof 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Mitra, M.: Privacy for RFID systems to prevent tracking and cloning. International Journal of Computer Science and Network Security 8(1), 1–5 (2008)Google Scholar
  2. 2.
    Qingling, C., Yiju, Z., Yonghua, W.: A minimalist mutual authentication protocol for RFID system & BAN logic analysis. In: Proc. of CCCM 2008, pp. 449–453. IEEE Computer Society, Los Alamitos (2008)Google Scholar
  3. 3.
    Hopper, N.J., Blum, M.: Secure human identification protocols. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 52–66. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Juels, A., Weis, S.: Authenticating pervasive devices with human protocols. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 293–308. Springer, Heidelberg (2005)Google Scholar
  5. 5.
    Chien, H.Y.: SASI: A new ultralightweight RFID authentication protocol providing strong authentication and strong integrity. IEEE Trans. Dependable Secur. Comput. 4(4), 337–340 (2007)CrossRefGoogle Scholar
  6. 6.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol. In: Chung, K.-I., Sohn, K., Yung, M. (eds.) WISA 2008. LNCS, vol. 5379, pp. 56–68. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  7. 7.
    EPCglobal: Class-1 generation 2 UHF air interface protocol standard version 1.2.0: Gen 2 (2008),
  8. 8.
    Chien, H., Chen, C.: Mutual authentication protocol for RFID conforming to EPC class-1 generation-2 standards. Computer Standards and Interfaces 29(2), 254–259 (2007)CrossRefMathSciNetGoogle Scholar
  9. 9.
    Han, D., Kwon, D.: Vulnerability of an RFID authentication protocol conforming to EPC Class 1 Generation 2 Standards. Computer Standards and Interfaces 31(4), 648–652 (2009)CrossRefGoogle Scholar
  10. 10.
    Lim, T., Li, T.: Addressing the weakness in a lightweight RFID tag-reader mutual authentication scheme. In: Proc. of the IEEE Int’l Global Telecommunications Conference - GLOBECOM 2007, pp. 59–63. IEEE Computer Society Press, Los Alamitos (2007)CrossRefGoogle Scholar
  11. 11.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: Cryptanalysis of a novel authentication protocol conforming to EPC-C1G2 standard. Computer Standards and Interfaces 31(2), 372–380 (2009)CrossRefGoogle Scholar
  12. 12.
    Juels, A., Weis, S.: Defining strong privacy for RFID. In: Proc. of PerCom 2007, pp. 342–347. IEEE Computer Society Press, Los Alamitos (2007)Google Scholar
  13. 13.
    Phan, R.: Cryptanalysis of a new ultralightweight RFID authentication protocol - SASI. IEEE Transactions on Dependable and Secure Computing (2008), doi:10.1109/TDSC.2008.33Google Scholar
  14. 14.
    EPCglobal: EPC Tag data standard version 1.4. (2008),
  15. 15.
    Hardy, G.H., Wright, E.M.: An Introduction to the Theory of Numbers, 6th edn. Oxford University Press, Oxford (2008)zbMATHGoogle Scholar
  16. 16.
    Anarchriz: CRC and how to reverse it (1999),
  17. 17.
    Ranasinghe, D.C.: Lightweight Cryptography for Low Cost RFID. In: Networked RFID Systems and Lightweight Cryptography, pp. 311–346. Springer, Heidelberg (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Pedro Peris-Lopez
    • 1
  • Julio C. Hernandez-Castro
    • 2
  • Juan M. E. Tapiador
    • 3
  • Tieyan Li
    • 4
  • Jan C. A. van der Lubbe
    • 1
  1. 1.Department of Information and CommunicationDelft University of Technology 
  2. 2.School of ComputingUniversity of Portsmouth 
  3. 3.Department of Computer ScienceUniversity of York 
  4. 4.Institute for Infocomm ResearchA*STAR Singapore 

Personalised recommendations