Generalized Desynchronization Attack on UMAP: Application to RCIA, KMAP, SLAP and SASI+ protocols
نویسندگان
چکیده
Tian et al. proposed a permutation based authentication protocol [19] entitled RAPP. However, it came out very soon that it suffers from several security treats such as desynchronization attack. Following RAPP, several protocols have been proposed in literature to defeat such attacks. Among them, some protocols suggested to keep a record of old parameters by both the reader and the tag. In this paper, we present a generalized version of all such protocols, named GUMAP, and present an efficient desynchronization attack against it. The complexity of our attack is run of 5 consecutive sessions of protocol and its success probability is almost 1. Our attack is applicable as it is to recently proposed protocols entitled RCIA [10], KMAP [12], SASI [9] and SLAP [11]. To the best of our knowledge, it is the first report on the vulnerability of these protocols. keywords: RFID, Authentication, RAPP, RCIA, KMAP, SLAP, SASI+, GUMAP, Desynchronization Attack.
منابع مشابه
Security Flaws in a Recent Ultralightweight RFID Protocol
In 2006, Peris-Lopez et al. [1, 2, 3] initiated the design of ultralightweight RFID protocols –with the UMAP family of protocols– involving only simple bitwise logical or arithmetic operations such as bitwise XOR, OR, AND, and addition. This combination of operations was revealed later to be insufficient for security. Then, Chien et al. proposed the SASI protocol [4] with the aim of offering be...
متن کاملA note on the security of two improved RFID protocols
Recently, Baghery et al. [1, 2] presented some attacks on two RFID protocols, namely Yoon and Jung et al. protocols, and proposed the improved version of them. However, in this note, we show that the improved version of the Jung et al. protocol suffers from desynchronization attack and the improved version of the Yoon's protocol suffers from secret disclosure attack. The succe...
متن کاملStrong Authentication and Strong Integrity (SASI) Is Not That Strong
In this work, we present a practical passive attack on SASI, an ultra-lightweight mutual authentication protocol for RFID. This attack can be used to reveal with overwhelming probability the secret ID of the prover by eavesdropping about 2 authentications. The result dismantles SASI and, more generally, provides a new approach that threatens ultra-lightweight authentication protocols.
متن کاملSecurity analysis of LMAP++, an RFID authentication protocol
Low cost Radio Frequency IDentification (RFID) tags are increasingly being deployed in various practical applications these days. Security analysis of the way these tags are used in an application is a must for successful adoption of the RFID technology. Depending on the requirements of the particular application, security demands on these tags cover some or all of the aspects such as privacy, ...
متن کاملNon-standard Attacks against Cryptographic Protocols, with an Example over a Simplified Mutual Authentication Protocol
In this work, we present a simple model for the automated cryptanalysis of cryptographic protocols based on meta-heuristic search. We illustrate our approach with a straightforward application in the form of an attack against a slightly simplified version of an ultra-lightweight authentication protocol for RFID environments called SASI. We show how an attack based on Simulated Annealing can eff...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2016 شماره
صفحات -
تاریخ انتشار 2016