[Resource Topic] 2010/018: Scalability and Security Conflict for RFID Authentication Protocols

Welcome to the resource topic for 2010/018

Title:
Scalability and Security Conflict for RFID Authentication Protocols

Authors: Imran Erguler, Emin Anarim

Abstract:

Many RFID authentication protocols have been proposed to preserve security and privacy. Nevertheless, most of these protocols are analyzed and it is shown that they can not provide security against some RFID attacks. Moreover, some of the secure ones are criticized, because they suffer from scalability at the reader/server side as in tag identification or authentication phase they require a linear search depending on number of tags in the system. Recently, new authentication protocols have been presented to solve scalability issue, i.e. they require constant time for tag identification with providing security. In this paper, we analyze two of these new RFID authentication protocols SSM (very recently proposed by Song and Mitchell) and LRMAP (proposed by Ha et al.) and to the best of our knowledge, they have received no attacks yet. These schemes take O(1) work to authenticate a tag and are designed to meet the privacy and security requirements. The common point of these protocols is that normal and abnormal states are defined for tags. In the normal state, server authenticates the tag in constant time, while in the abnormal state, occurs rarely, authentication is realized with linear search. We show that, however, these authentication protocols do not provide untraceability which is one of their design objectives. We also discover that the SSM protocol is vulnerable to a desynchronization attack, that prevents a legitimate reader/server from authenticating a legitimate tag. Furthermore, in the light of these attacks, we conclude that allowing tags to be in different states may give clue to an adversary in tracing the tags, although such a design is preferred to achieve scalability and efficiency at the server side.

ePrint: https://eprint.iacr.org/2010/018

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .