On the Security of Two RFID Mutual Authentication Protocols

  • Seyed Farhad Aghili
  • Nasour Bagheri
  • Praveen Gauravaram
  • Masoumeh Safkhani
  • Somitra Kumar Sanadhya
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8262)

Abstract

In this paper, the security of two recent RFID mutual authentication protocols are investigated. The first protocol is a scheme proposed by Huang et al. [7] and the second one by Huang, Lin and Li [6]. We show that these two protocols have several weaknesses. In Huang et al.’s scheme, an adversary can determine the 32-bit secret password with a probability of \(2^{-2}\), and in Huang-Lin-Li scheme, a passive adversary can recognize a target tag with a success probability of \(1-2^{-4}\) and an active adversary can determine all 32 bits of Access password with success probability of \(2^{-4}\). The computational complexity of these attacks is negligible.

Keywords

RFID EPC Class-1 Generation-2 PadGen function 

References

  1. 1.
    Bailey, D.V., Juels, A.: Shoehorning security into the EPC tag standard. In: De Prisco, R., Yung, M. (eds.) SCN 2006, LNCS, vol. 4116, pp. 303–320. Springer, Heidelberg (2006)Google Scholar
  2. 2.
    Chen, C.-L., Chien, C.-F.: Based on mobile RFID for membership stores system conforming EPC C1 G2 standards. IJAHUC 10(4), 207–218 (2012)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Chen, C.-L., Deng, Y.-Y.: Conformation of EPC Class 1 Generation 2 standards RFID system with mutual authentication and privacy protection. Eng. Appl. AI 22(8), 1284–1291 (2009)MathSciNetGoogle Scholar
  4. 4.
    Chien, H.-Y., Chen, C.-H.: Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards. Comput. Stand. Interfaces 29(2), 254–259 (2007)MathSciNetCrossRefGoogle Scholar
  5. 5.
    EPCGlobal: Class-1 generation 2 UHF air interface protocol standard version 1.2.0, Gen2 Standard. http://www.epcglobalinc.org/standards/ (2008)
  6. 6.
    Huang, Y.-J., Lin, W.-C., Li, H.-L.: Efficient implementation of RFID mutual authentication protocol. IEEE Trans. Industr. Electron. 59(12), 4784–4791 (2012)CrossRefGoogle Scholar
  7. 7.
    Huang, Y.-J., Yuan, C.-C., Chen, M.-K., Lin, W.-C., Teng, H.-C.: Hardware implementation of RFID mutual authentication protocol. IEEE Trans. Industr. Electron. 57(5), 1573–1582 (2010)CrossRefGoogle Scholar
  8. 8.
    Information technology - Radio frequency identification for item management. Part 6: Parameters for air interface communications at 860 MHz to 960 MHz. http://www.iso.org/iso/catalogue_detail?csnumber=34117 (2005)
  9. 9.
    Konidala, D., Kim, Z., Kim, K.: A simple and cost effective RFID tag-reader mutual authentication scheme. In: Proceedings of International Conference on RFID Security, pp. 141–152, July 2007Google Scholar
  10. 10.
    Ma, C., Li, Y., Deng, R.H., Li, T.: RFID privacy: relation between two notions, minimal condition, and efficient construction. In: Al-Shaer, E., Jha, S., Keromytis, A.D. (eds.) ACM Conference on Computer and Communications, Security, pp. 54–65. ACM Press, New York (2009)CrossRefGoogle Scholar
  11. 11.
    Park, J., Na, J., Kim, M.: A practical approach for enhancing security of EPCglobal RFID Gen2 tag. In: FGCN (1), pp. 436–441. IEEE (2007)Google Scholar
  12. 12.
    Peris-Lopez, P., Hernandez-Castro, J., Estevez-Tapiador, J., Ribagorda, A.: Practical attacks on a mutual authentication scheme under the EPC Class-1 Generation-2 standard. Comput. Commun. 32(7–10), 1185–1193 (2009)CrossRefGoogle Scholar
  13. 13.
    Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: RFID specification revisited. In: The Internet of Things: From RFID to the Next-Generation Pervasive Networked Systems, pp. 311–346. Taylor & Francis Group, London (2008)Google Scholar
  14. 14.
    Want, R.: An introduction to RFID technology. IEEE Pervasive Comput. 5(1), 25–33 (2006)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Seyed Farhad Aghili
    • 1
  • Nasour Bagheri
    • 1
  • Praveen Gauravaram
    • 2
  • Masoumeh Safkhani
    • 3
  • Somitra Kumar Sanadhya
    • 4
  1. 1.Electrical Engineering DepartmentShahid Rajaee Teacher Training UniversityTehranIran
  2. 2.Innovation Labs HyderabadTata Consultancy Services LimitedHyderabadIndia
  3. 3.Electrical Engineering DepartmentIran University of Science and TechnologyTehranIran
  4. 4.Indraprastha Institute of Information TechnologyDelhiIndia

Personalised recommendations