@inproceedings{6a08b19c68fe4396a9ec9482c5a315fb,
title = "Passive attacks on a class of authentication protocols for RFID",
abstract = "Mutual authentication mechanisms can be used in RFID systems to preserve the confidentiality of the RFID tags. Hiding the unique IDs of the tags is critical to prevent unauthorized tag tracking. In this paper, we analyze two mutual authentication protocols called M2AP and EMAP, recently proposed by Peris-Lopez et. al. We show that a passive adversary eavesdropping on the open wireless medium, can extract the unique I D of the RFID tag by collecting an expected O(log2 L) challenge-response exchange messages between the tag and the reader, where L is the length of the tag's unique I D. To date, previously known attacks on M2AP and EMAP require the active probing of each tag. Furthermore, attacks on M2AP require O(L) active queries to be sent to the tag by a rogue reader, as opposed to O(log 2 L).",
keywords = "Authentication, Passive attack, Privacy, RFID",
author = "Basel Alomair and Loukas Lazos and Radha Poovendran",
year = "2007",
doi = "10.1007/978-3-540-76788-6_9",
language = "English (US)",
isbn = "9783540767879",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
publisher = "Springer-Verlag",
pages = "102--115",
booktitle = "Information Security and Cryptology - ICISC 2007 - 10th International Conference, Proceedings",
note = "10th International Conference on Information Security and Cryptology, ICISC 2007 ; Conference date: 29-11-2007 Through 30-11-2007",
}