[Resource Topic] 2011/193: Security Analysis of $LMAP^{++}$, an RFID Authentication Protocol

Resource Cryptographic protocols
#1

Welcome to the resource topic for 2011/193

Title:
Security Analysis of LMAP^{++}, an RFID Authentication Protocol

Authors: Nasour Bagheri, Masoumeh Safkhani, Majid Naderi, Somitra Kumar Sanadhya

Abstract:

Low cost RFID tags are increasingly being deployed in various practical applications these days. Security analysis of the way these tags are used in an application is a must for successful adoption of the RFID technology. Depending on the requirements of the particular application, security demands on these tags cover some or all of the aspects such as privacy, untraceability and authentication. As a result of increasing deployment of RFID tags, many works on RFID protocols and their security analysis have appeared in the literature in the past few years. Although most protocol proposals also provide some justification for the claimed security properties of these protocols, independent third party evaluation has often revealed weaknesses in these protocols. In this work, we present a third party security evaluation of a recently proposed mutual authentication protocol LMAP^{++}. Mutual authentication protocols are an important class of protocols for RFID applications. In these protocols, the reader and the tag of an RFID system run an interactive game to authenticate themselves to each other. In this work, we present traceability and desynchronization attacks against the protocol LMAP^{++}. First we show that LMAP^{++} does not satisfy the security notion of traceability as defined in the model proposed by Jules and Weis. Using the ideas of this traceability attack, next we show that LMAP^{++} also suffers from a desynchronization attack. The presented attacks have low complexities and high success probabilities. To the best of our knowledge, this the first attack on the LMAP^{++} protocol.

ePrint: https://eprint.iacr.org/2011/193

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .