De-synchronization attack on RFID authentication protocols

N. W. Lo, Kuo Hui Yeh

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

5 Scopus citations

Abstract

In order to protect privacy of RFID tag against malicious tag tracing activities, many RFID authentication protocols with the secret key update scheme have been proposed to support forward security. These proposals are symmetric key based in common due to the lack of computational resource to perform heavy asymmetric cryptographic operations in low-cost tags. In this paper, we have demonstrated that four RFID authentication protocols are vulnerable to a de-synchronization attack. The secret values shared between any given tag and the backend server can easily be de-synchronized through a series of attack process (or incomplete protocol runs). Our results indicate that these four schemes are naturally limited by their essential design and more rigorous security analyses are accordingly required. In addition, any extension from these four protocols may incur the insecurity owing to the same underlying protocol design.

Original languageEnglish
Title of host publicationISITA/ISSSTA 2010 - 2010 International Symposium on Information Theory and Its Applications
Pages566-570
Number of pages5
DOIs
StatePublished - 2010
Event2010 20th International Symposium on Information Theory and Its Applications, ISITA 2010 and the 2010 20th International Symposium on Spread Spectrum Techniques and Applications, ISSSTA 2010 - Taichung, Taiwan
Duration: 17 Oct 201020 Oct 2010

Publication series

NameISITA/ISSSTA 2010 - 2010 International Symposium on Information Theory and Its Applications

Conference

Conference2010 20th International Symposium on Information Theory and Its Applications, ISITA 2010 and the 2010 20th International Symposium on Spread Spectrum Techniques and Applications, ISSSTA 2010
Country/TerritoryTaiwan
CityTaichung
Period17/10/1020/10/10

Keywords

  • Authentication
  • De-synchronization attack
  • Privacy
  • RFID
  • Security

Fingerprint

Dive into the research topics of 'De-synchronization attack on RFID authentication protocols'. Together they form a unique fingerprint.

Cite this