Security Analysis of Tu and Piramuthu's Protocol

Abstract

RFID (radio frequency identification) devices are usually vulnerable to attacks related to proximity verification: distance fraud attacks, relay attacks and terrorist attacks. These attacks require simpler technical resources than tampering or cryptanalysis and, they cannot be prevented by ordinary security protocols that operate in the high layers of the protocol stack. Distance bounding protocols, which are tightly integrated into the physical layer, are the main countermeasure against them. Hancke and Kuhn's protocol was the first distance bounding protocol for RFID. Tu and Piramuthu have recently proposed another protocol which outperform it. More precisely, the authors claim that their protocol reduces the false acceptance ratio and is resistant to terrorist attack. In this paper, however, we analyse this protocol and, discuss some aspects that could question its effectiveness.