M. Safkhani, N. Bagheri, M. Naderi, Yiyuan Luo, Qi Chai
{"title":"两种RFID互认证协议的标签冒充攻击","authors":"M. Safkhani, N. Bagheri, M. Naderi, Yiyuan Luo, Qi Chai","doi":"10.1109/ARES.2011.87","DOIUrl":null,"url":null,"abstract":"Security concerns of RFID systems engaged a lot of researchers to design and to cryptanalyze RFID mutual authentication protocols. A suitable mutual authentication protocol for an RFID system should provide mutual authentication along with user privacy. In addition, such protocol must be resistant to active and passive attacks, e.g. man-in-the-middle attack, reply attack, reader-/tag-impersonation, denial of service and traceability attack. Among them, tag-impersonation refers to a process that the adversary’s tag fools the legitimate reader to authenticate it as a valid tag. In this paper we exam the security of two RFID mutual authentication protocols, i.e., [6] and [17], under tag impersonation attack. We found that these two protocols share a same vulnerability – in each session, the tag and the reader generates a random value respectively and they use the exclusiveor (XOR) of those random values in the authentication process. We exploit this vulnerability to present two effective and efficient tag impersonation attacks against these protocols, e.g., the success probabilities of our attacks are ”1” and the complexity is at most two runs of each protocol. At last, we exhibit the improved version of these protocols, which are immune from tag impersonation attacks.","PeriodicalId":254443,"journal":{"name":"2011 Sixth International Conference on Availability, Reliability and Security","volume":"85 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-08-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"10","resultStr":"{\"title\":\"Tag Impersonation Attack on Two RFID Mutual Authentication Protocols\",\"authors\":\"M. Safkhani, N. Bagheri, M. Naderi, Yiyuan Luo, Qi Chai\",\"doi\":\"10.1109/ARES.2011.87\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Security concerns of RFID systems engaged a lot of researchers to design and to cryptanalyze RFID mutual authentication protocols. A suitable mutual authentication protocol for an RFID system should provide mutual authentication along with user privacy. In addition, such protocol must be resistant to active and passive attacks, e.g. man-in-the-middle attack, reply attack, reader-/tag-impersonation, denial of service and traceability attack. Among them, tag-impersonation refers to a process that the adversary’s tag fools the legitimate reader to authenticate it as a valid tag. In this paper we exam the security of two RFID mutual authentication protocols, i.e., [6] and [17], under tag impersonation attack. We found that these two protocols share a same vulnerability – in each session, the tag and the reader generates a random value respectively and they use the exclusiveor (XOR) of those random values in the authentication process. We exploit this vulnerability to present two effective and efficient tag impersonation attacks against these protocols, e.g., the success probabilities of our attacks are ”1” and the complexity is at most two runs of each protocol. At last, we exhibit the improved version of these protocols, which are immune from tag impersonation attacks.\",\"PeriodicalId\":254443,\"journal\":{\"name\":\"2011 Sixth International Conference on Availability, Reliability and Security\",\"volume\":\"85 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-08-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"10\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2011 Sixth International Conference on Availability, Reliability and Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2011.87\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 Sixth International Conference on Availability, Reliability and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2011.87","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Tag Impersonation Attack on Two RFID Mutual Authentication Protocols
Security concerns of RFID systems engaged a lot of researchers to design and to cryptanalyze RFID mutual authentication protocols. A suitable mutual authentication protocol for an RFID system should provide mutual authentication along with user privacy. In addition, such protocol must be resistant to active and passive attacks, e.g. man-in-the-middle attack, reply attack, reader-/tag-impersonation, denial of service and traceability attack. Among them, tag-impersonation refers to a process that the adversary’s tag fools the legitimate reader to authenticate it as a valid tag. In this paper we exam the security of two RFID mutual authentication protocols, i.e., [6] and [17], under tag impersonation attack. We found that these two protocols share a same vulnerability – in each session, the tag and the reader generates a random value respectively and they use the exclusiveor (XOR) of those random values in the authentication process. We exploit this vulnerability to present two effective and efficient tag impersonation attacks against these protocols, e.g., the success probabilities of our attacks are ”1” and the complexity is at most two runs of each protocol. At last, we exhibit the improved version of these protocols, which are immune from tag impersonation attacks.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
