Passive Cryptanalysis of the UnConditionally Secure Authentication Protocol for RFID Systems
MetadataShow full item record
Recently, Alomair et al. proposed the first Un- Conditionally Secure mutual authentication protocol for lowcost RFID systems(UCS-RFID). The security of the UCSRFID relies on five dynamic secret keys which are updated at every protocol run using a fresh random number (nonce) secretly transmitted from a reader to tags. Our results show that, at the highest security level of the protocol (security parameter= 256), inferring a nonce is feasible with the probability of 0.99 by eavesdropping(observing) about 90 runs of the protocol. Finding a nonce enables a passive attacker to recover all five secret keys of the protocol. To do so, we propose a three-phase probabilistic approach in this paper. Our attack recovers the secret keys with a probability that increases by accessing more protocol runs. We also show that tracing a tag using this protocol is also possible even with less runs of the protocol.
International Conference on Information Security and Cryptology (ICISC 2010) in Seoul, Korea.
CitationInternational Conference on Information Security and Cryptology (ICISC 2010)
Copyright the author. All rights reserved