Abstract
In this paper, the security of two recent RFID mutual authentication protocols are investigated. The first protocol is a scheme proposed by Huang et al. [7] and the second one by Huang, Lin and Li [6]. We show that these two protocols have several weaknesses. In Huang et al.’s scheme, an adversary can determine the 32-bit secret password with a probability of \(2^{-2}\), and in Huang-Lin-Li scheme, a passive adversary can recognize a target tag with a success probability of \(1-2^{-4}\) and an active adversary can determine all 32 bits of Access password with success probability of \(2^{-4}\). The computational complexity of these attacks is negligible.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Bailey, D.V., Juels, A.: Shoehorning security into the EPC tag standard. In: De Prisco, R., Yung, M. (eds.) SCN 2006, LNCS, vol. 4116, pp. 303–320. Springer, Heidelberg (2006)
Chen, C.-L., Chien, C.-F.: Based on mobile RFID for membership stores system conforming EPC C1 G2 standards. IJAHUC 10(4), 207–218 (2012)
Chen, C.-L., Deng, Y.-Y.: Conformation of EPC Class 1 Generation 2 standards RFID system with mutual authentication and privacy protection. Eng. Appl. AI 22(8), 1284–1291 (2009)
Chien, H.-Y., Chen, C.-H.: Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards. Comput. Stand. Interfaces 29(2), 254–259 (2007)
EPCGlobal: Class-1 generation 2 UHF air interface protocol standard version 1.2.0, Gen2 Standard. http://www.epcglobalinc.org/standards/ (2008)
Huang, Y.-J., Lin, W.-C., Li, H.-L.: Efficient implementation of RFID mutual authentication protocol. IEEE Trans. Industr. Electron. 59(12), 4784–4791 (2012)
Huang, Y.-J., Yuan, C.-C., Chen, M.-K., Lin, W.-C., Teng, H.-C.: Hardware implementation of RFID mutual authentication protocol. IEEE Trans. Industr. Electron. 57(5), 1573–1582 (2010)
Information technology - Radio frequency identification for item management. Part 6: Parameters for air interface communications at 860 MHz to 960 MHz. http://www.iso.org/iso/catalogue_detail?csnumber=34117 (2005)
Konidala, D., Kim, Z., Kim, K.: A simple and cost effective RFID tag-reader mutual authentication scheme. In: Proceedings of International Conference on RFID Security, pp. 141–152, July 2007
Ma, C., Li, Y., Deng, R.H., Li, T.: RFID privacy: relation between two notions, minimal condition, and efficient construction. In: Al-Shaer, E., Jha, S., Keromytis, A.D. (eds.) ACM Conference on Computer and Communications, Security, pp. 54–65. ACM Press, New York (2009)
Park, J., Na, J., Kim, M.: A practical approach for enhancing security of EPCglobal RFID Gen2 tag. In: FGCN (1), pp. 436–441. IEEE (2007)
Peris-Lopez, P., Hernandez-Castro, J., Estevez-Tapiador, J., Ribagorda, A.: Practical attacks on a mutual authentication scheme under the EPC Class-1 Generation-2 standard. Comput. Commun. 32(7–10), 1185–1193 (2009)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: RFID specification revisited. In: The Internet of Things: From RFID to the Next-Generation Pervasive Networked Systems, pp. 311–346. Taylor & Francis Group, London (2008)
Want, R.: An introduction to RFID technology. IEEE Pervasive Comput. 5(1), 25–33 (2006)
Acknowledgments
We would like to thank anonymous reviewers for useful comments.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2013 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Aghili, S.F., Bagheri, N., Gauravaram, P., Safkhani, M., Sanadhya, S.K. (2013). On the Security of Two RFID Mutual Authentication Protocols. In: Hutter, M., Schmidt, JM. (eds) Radio Frequency Identification. RFIDSec 2013. Lecture Notes in Computer Science(), vol 8262. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-41332-2_6
Download citation
DOI: https://doi.org/10.1007/978-3-642-41332-2_6
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-41331-5
Online ISBN: 978-3-642-41332-2
eBook Packages: Computer ScienceComputer Science (R0)