Paper 2019/1125
Breaking Anonymity of Some Recent Lightweight RFID Authentication Protocols
Karim Baghery, Behzad Abdolmaleki, Shahram Khazaei, and Mohammad Reza Aref
Abstract
Due to their impressive advantages, Radio Frequency IDentification (RFID) systems are ubiquitously found in various novel applications. These applications are usually in need of quick and accurate authentication or identification. In many cases, it has been shown that if such systems are not properly designed, an adversary can cause security and privacy concerns for end-users. In order to deal with these concerns, impressive endeavors have been made which have resulted in various RFID authentications being proposed. In this study, we analyze three lightweight RFID authentication protocols proposed in Wireless Personal Communications (2014), Computers & Security (2015) and Wireless Networks (2016). We show that none of the studied protocols provides the desired security and privacy required by the end-users. We present various security and privacy attacks such as secret parameter reveal, impersonation, DoS, traceability, and forward traceability against the studied protocols. Our attacks are mounted in the Ouafi–Phan RFID formal privacy model which is a modified version of the well-known Juels–Weis privacy model.
Note: This is a preprint of an article published in Journal of Wireless Networks, 2019, 25: 1235.
Metadata
- Available format(s)
- Category
- Applications
- Publication info
- Published elsewhere. Minor revision. Wireless Networks
- DOI
- 10.1007/s11276-018-1717-0
- Keywords
- Anonymous RFID authentication protocolInternet of Things (IoT)Security and privacyHash functionsOuafi–Phan privacy model
- Contact author(s)
- karim baghery @ ut ee
- History
- 2019-10-02: received
- Short URL
- https://ia.cr/2019/1125
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2019/1125, author = {Karim Baghery and Behzad Abdolmaleki and Shahram Khazaei and Mohammad Reza Aref}, title = {Breaking Anonymity of Some Recent Lightweight {RFID} Authentication Protocols}, howpublished = {Cryptology {ePrint} Archive, Paper 2019/1125}, year = {2019}, doi = {10.1007/s11276-018-1717-0}, url = {https://eprint.iacr.org/2019/1125} }