Yet Another Ultralightweight Authentication Protocol That Is Broken

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7739)


Eghdamian and Samsudin published at ICIEIS 2011 an ultralightweight mutual authentication protocol that requires few bitwise operations. The simplicity of the design makes the protocol very suitable to low-cost RFID tags. However, we demonstrate in this paper that the long-term key shared by the reader and the tag can be recovered by an adversary with a few eavesdropped sessions only.

Additionally, we provide the backbone of some attacks on a series of similar recent protocols, and highlight important common weaknesses in the design of ultralightweight protocols.


Authentication Ultralightweight protocol RFID 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Avoine, G., Carpent, X., Martin, B.: Strong Authentication and Strong Integrity (SASI) Is Not That Strong. In: Ors Yalcin, S.B. (ed.) RFIDSec 2010. LNCS, vol. 6370, pp. 50–64. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  2. 2.
    Avoine, G., Carpent, X., Martin, B.: Privacy-friendly synchronized ultralightweight authentication protocols in the storm. Journal of Network and Computer Applications 35(2), 826–843 (2012)CrossRefGoogle Scholar
  3. 3.
    Bárász, M., Boros, B., Ligeti, P., Lója, K., Nagy, D.: Breaking LMAP. In: Conference on RFID Security, Malaga, Spain (July 2007)Google Scholar
  4. 4.
    Bassil, R., El-Beaino, W., Itani, W., Kayssi, A., Chehab, A.: PUMAP: A PUF-based ultra-lightweight mutual-authentication RFID protocol. International Journal of RFID Security and Cryptography 1(1), 58–66 (2012)Google Scholar
  5. 5.
    Bosley, C., Haralambiev, K., Nicolosi, A.: HBN: An HB-like protocol secure against man-in-the-middle attacks. Cryptology ePrint Archive, Report 2011/350 (2011)Google Scholar
  6. 6.
    Chien, H.-Y.: SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity. IEEE Transactions on Dependable and Secure Computing 4(4), 337–340 (2007)CrossRefGoogle Scholar
  7. 7.
    Eghdamian, A., Samsudin, A.: A Secure Protocol for Ultralightweight Radio Frequency Identification (RFID) Tags. In: Abd Manaf, A., Zeki, A., Zamani, M., Chuprat, S., El-Qawasmeh, E. (eds.) ICIEIS 2011. CCIS, vol. 251, pp. 200–213. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  8. 8.
    Gurubani, J.B., Thakkar, H., Patel, D.R.: Improvements over Extended LMAP+: RFID Authentication Protocol. In: Dimitrakos, T., Moona, R., Patel, D., McKnight, D.H. (eds.) IFIPTM 2012. IFIP AICT, vol. 374, pp. 225–231. Springer, Heidelberg (2012)Google Scholar
  9. 9.
    Lee, Y.-C.: Two ultralightweight authentication protocols for low-cost RFID tags. Applied Mathematics and Information Sciences 6(2S), 425–431 (2012)MathSciNetGoogle Scholar
  10. 10.
    Ning, H., Liu, H., Yang, C.: Ultralightweight RFID authentication protocol based on random partitions of pseudorandom identifier and pre-shared secret value. Chinese Journal of Electronics 20(4), 701–707 (2011)Google Scholar
  11. 11.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: LMAP: A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags. In: Workshop on RFID Security – RFIDSec 2006, Graz, Austria (July 2006); EcryptGoogle Scholar
  12. 12.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., van der Lubbe, J.C.A.: Security Flaws in a Recent Ultralightweight RFID Protocol. In: Workshop on RFID Security – RFIDSec Asia 2010. Cryptology and Information Security, vol. 4, pp. 83–93. IOS Press, Singapore (2010)Google Scholar
  13. 13.
    Tian, Y., Chen, G., Li, J.: A new ultralightweight RFID authentication protocol with permutation. IEEE Communications Letters 16(5), 702–705 (2012)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  1. 1.Université catholique de LouvainLouvain-la-NeuveBelgium

Personalised recommendations