Weaknesses in another Gen2-based RFID authentication protocol
Paper in proceeding, 2012
There is a high need for secure authentication protocols conforming with the EPC Class-1 Generation 2 (Gen2 in short) standard. The security analyses of the new born authentication protocols provide some guidelines and lessons that should be considered in the design of new proposals. In this paper, we scrutinize the security of a Gen2 based RFID authentication protocol which has been recently proposed by Yi et al. [8]. Our security analysis highlights important security pitfalls in this proposal. More precisely, we show a simple approach to desynchronize the tag and the reader. Moreover, we present tag impersonation and reader impersonation attacks. Finally, we show how the use of random numbers does not prevent traceability attack. The success probability of all the proposed attacks is 1 and their complexity is minimal since at most one eavesdropped session of the protocol is required. © 2012 IEEE.
authentication
desynchronisation attack
EPC Gen2
Author
M. Safkhani
Iran University of Science and Technology
N. Bagheri
Shahid Rajaee Teacher Training University
P. Peris-Lopez
Universidad Carlos III de Madrid
Aikaterini Mitrokotsa
Swiss Federal Institute of Technology in Lausanne (EPFL)
J.C. Hernández-Castro
University Of Kent
2012 IEEE International Conference on RFID-Technologies and Applications, RFID-TA 2012
80-84
Areas of Advance
Information and Communication Technology
Subject Categories (SSIF 2011)
Computer and Information Science
DOI
10.1109/RFID-TA.2012.6404572