Passive attacks on a class of authentication protocols for RFID

Basel Alomair, Loukas Lazos, Radha Poovendran

Research output: Chapter in Book/Report/Conference proceedingConference contribution

26 Scopus citations

Abstract

Mutual authentication mechanisms can be used in RFID systems to preserve the confidentiality of the RFID tags. Hiding the unique IDs of the tags is critical to prevent unauthorized tag tracking. In this paper, we analyze two mutual authentication protocols called M2AP and EMAP, recently proposed by Peris-Lopez et. al. We show that a passive adversary eavesdropping on the open wireless medium, can extract the unique I D of the RFID tag by collecting an expected O(log2 L) challenge-response exchange messages between the tag and the reader, where L is the length of the tag's unique I D. To date, previously known attacks on M2AP and EMAP require the active probing of each tag. Furthermore, attacks on M2AP require O(L) active queries to be sent to the tag by a rogue reader, as opposed to O(log 2 L).

Original languageEnglish (US)
Title of host publicationInformation Security and Cryptology - ICISC 2007 - 10th International Conference, Proceedings
PublisherSpringer-Verlag
Pages102-115
Number of pages14
ISBN (Print)9783540767879
DOIs
StatePublished - 2007
Externally publishedYes
Event10th International Conference on Information Security and Cryptology, ICISC 2007 - Seoul, Korea, Republic of
Duration: Nov 29 2007Nov 30 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4817 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other10th International Conference on Information Security and Cryptology, ICISC 2007
Country/TerritoryKorea, Republic of
CitySeoul
Period11/29/0711/30/07

Keywords

  • Authentication
  • Passive attack
  • Privacy
  • RFID

ASJC Scopus subject areas

  • Theoretical Computer Science
  • General Computer Science

Fingerprint

Dive into the research topics of 'Passive attacks on a class of authentication protocols for RFID'. Together they form a unique fingerprint.

Cite this