A note on the security of two improved RFID protocols

Document Type: ORIGINAL RESEARCH PAPER

Authors

1 Computer Engineering Department, Shahid Rajaee Teacher Training University, Tehran, Iran

2 Electrical Engineering Department, Shahid Rajaee Teacher Training University, Tehran, Iran

Abstract

Recently, Baghery et al. [1, 2] presented some attacks on two RFID protocols, namely Yoon and Jung et al. protocols, and proposed the improved version of them. However, in this note, we show that the improved version of the Jung et al. protocol suffers from desynchronization attack and the improved version of the Yoon's protocol suffers from secret disclosure attack. The success probability of the desynchronization attack against the improved version of the Jung et al. protocol is (1-2-2n)2, where n is length of the protocol parameters. The attack can be accomplished with just three runs of the protocol. The success probability of the secret disclosure attack against the improved version of the Yoon's protocol is almost 1, while the complexity is just two runs of the protocol and doing 216 off-line evaluations of PRNG function.

Keywords


[1] Karim Baghery, Behzad Abdolmaleki, Bahareh Akhbari, and Mohammad Reza Aref. Privacy analysis and improvements of two recent rfid authentication protocol. In International ISC Conference on Information Security and Cryptology (ISCISC), At Tehran, 2014, pages 137-142, 2014.

[2] Karim Baghery, Behzad Abdolmaleki, Bahareh Akhbari, and Mohammad Reza Aref. Enhancing privacy of recent authentication schemes for low-cost RFID systems. The ISC International Journal of Information Security, 7(2):469-491, 2015.

[3] Eun-Jun Yoon. Improvement of the securing RFID systems conforming to EPC class 1 generation 2 standard. Expert Syst. Appl., 39(1): 1589-1594, 2012.

[4] Seung Wook Jung and Souhwan Jung. HMAC-based RFID authentication protocol with minimal retrieval at server. In Thes Fifth International Conference on Evolving Internet INTERNET 2013, pages 52-55, 2013.

[5] Tzu-Chang Yeh, Chien-Hung Wu, and Yuh-Min Tseng. Improvement of the rfid authentication scheme based on quadratic residues. Computer Communications, 34(3):337-341, 2011.

[6] Amin Mohammadali, Zahra Ahmadian, and Mohammad Reza Aref. Analysis and improvement of the securing RFID systems conforming to EPC class 1 generation 2 standard. Cryptology ePrint Archive, Report 2013/404, 2013. http://eprint.iacr.org/2013/066.

[7] Masoumeh Safkhani, Nasour Bagheri, Somitra Kumar Sanadhya, and Majid Naderi. Cryptanalysis of improved yeh et al.'s authentication protocol: An EPC class-1 generation-2 standard compliant protocol. Cryptology ePrint Archive, Report 2013/404, 2013. http://eprint.iacr. org/2011/426.

[8] Masoumeh Safkhani, Nasour Bagheri, and Majid Naderi. Strengthening the security of EPC C-1 G-2 RFID standard. Wireless Personal Communications, 72(2):1295-1308, 2013.

[9] Masoumeh Safkhani, Nasour Bagheri, and Majid Naderi. A note on the security of IS-RFID, an inpatient medication safety. I. J. Medical Informatics, 83(1):82-85, 2014.

[10] Mohammad Hassan Habibi, Mahdi R. Alaghband, and Mohammad Reza Aref. Attacks on a lightweight mutual authentication protocol under EPC C-1 G-2 standard. In Claudio Agostino Ardagna and Jianying Zhou, editors, WISTP 2011, volume 6633 of Lecture Notes in Computer Science, pages 254-263. Springer, 2011.

[11] Ray Beaulieu, Douglas Shors, Jason Smith, Stefan Treatman-Clark, Bryan Weeks, and Louis Wingers. The SIMON and SPECK Families of Lightweight Block Ciphers. Cryptology ePrint Archive, Report 2013/404, 2013. http://eprint. iacr.org/2013/404.

[12] Honorio Martin, Enrique San Millán, Luis Entrena, Julio César Hernández Castro, and Pedro Peris-Lopez. Akari-x: A pseudorandom number generator for secure lightweight systems. In IOLTS, pages 228-233. IEEE, 2011. 17th IEEE International On-Line Testing Symposium (IOLTS 2011), 13-15 July, 2011, Athens, Greece.

[13] Yun Tian, Gongliang Chen, and Jianhua Li. A new ultralightweight RFID authentication protocol with permutation. IEEE Communications Letters, 16(5):702-705, 2012.

[14] Zahra Ahmadian, Mahmoud Salmasizadeh, and Mohammad Reza Aref. Desynchronization attack on RAPP ultralightweight authentication protocol. Inf. Process. Lett., 113(7):205-209, 2013.

[15] Nasour Bagheri, Masoumeh Safkhani, Pedro Peris-Lopez, and Juan E. Tapiador. Weaknesses in a new ultralightweight rfid authentication protocol with permutation - RAPP. Security and Communication Networks, 7(6):945-949, 2014.