Traditional authentication and key establishment protocols utilize nonce parameters as a means for message freshness, recent aliveness, and key derivation. Improving identity verification, increasing key space, or making secret updates more complex through nonces are not goals. Generating random numbers as nonces and not making the most out of them can be considered as a loss in resource strick...

Many RFID authentication protocols have been proposed to provide desired security and privacy level for RFID systems. Almost all of these protocols are based symmetric cryptography because of the limited resources of RFID tags. Recently Cheng et. al have been proposed an RFID security protocol based on chaotic maps. In this paper, we analyze the security of this protocol and discover its vulner...

RFID (Radio Frequency Identification) is one of the most growing technologies among the pervasive systems. Non line of sight capability makes RFID systems much faster than its other contending systems such as barcodes and magnetic taps etc. But there are some allied security apprehensions with RFID systems. RFID security has been acquired a lot of attention in last few years as evinced by the l...

An RFID reader must authenticate its designated tags in order to prevent tag forgery and counterfeiting. At the same time, due to privacy requirements of many applications, a tag should remain anonymous and untraceable to an adversary during the authentication process. In this paper, we propose an “HB-like” protocol for privacy-preserving authentication of RFID tags. Previous protocols for priv...

Many RFID protocols use cryptographic hash functions for their security. The resource constrained nature of RFID systems forces the use of light weight cryptographic algorithms. Tav-128 is one such light weight hash function proposed by Peris-Lopez et al. for an RFID authentication protocol. In this article we show that Tav-128 is not collision resistant. We show a practical collision attack ag...

Two effective attacks, namely de-synchronization attack and impersonation attack, against Ha et al. ’s LCSS RFID authentication protocol, Song and Mitchell’s protocol are identified. The former attack can break the synchronization between the RFID reader and the tag in a single protocol run so that they can not authenticate each other in any following protocol run. The latter can impersonate a ...

In this paper, we present a security weakness of a forward secure authentication protocol proposed by Tri Van Le et al. called O-FRAP which stands for Optimistic Forward secure RFID Authentication Protocol. In particular, we point out that in the O-FRAP protocol, the server can be subject to a denial-of-service attack due to a flaw in the database querying procedure. Our attack also applies to ...

A secure RFID ticket system for public transport is proposed in this paper. It supports security properties including secure authentication, unforgeability, correct billing and privacy and can prevent various attacks. It consists of two protocols, both following three principles necessary for secure RFID ticket system. The first protocol is very efficient and suitable for applications with crit...

In this paper we propose two RFID (Radio Frequency Identification) authentication protocols for secure and lowcost RFID systems. The first protocol SRAC (SemiRandomized Access Control) is designed using only a hash function as security primitives in tags. In spite of very restricted functionality, SRAC resolves not only security properties, such as the tracking problem, the forward secrecy and ...

The implementation of efficient security mechanisms for Radio Frequency Identification (RFID) system has always been a continuous challenge due to its limited computing resources. Previously, hash-based, symmetric-key cryptography-based and elliptic curve cryptography based protocols were proposed RFID system. However, these are not suitable because some them failed fulfil the requirements, pro...