[Figure: message exchange between Reader and Tag. (1) The Reader generates a random R and sends Request, R. (2) The Tag generates a random R c and replies with R c, g ( id ⊕ R ). (3) The Reader sends h ( id ⊕ R c ). If correct, id prev is set to id and id is set to f ( id ) on both sides.]
Fig. 2. The challenge-response trigger protocol proposed by Lim et al. [2]
i id ) to the tag. As a result, the original r and h ( r i id ) will
not be accepted from the legitimate reader and it will be “desynchronized”
from the tag.
3. As mentioned before, a copy of the previous id is kept in the database to
make it possible for the reader to communicate with a tag whose id has not
been updated for any reason. Using this fact, an attacker can simply save and
then “replay” { h ( id ) , h ( i id ) , Δi } to the legitimate reader to “impersonate”
itself as the real tag.
4. In the Henrici-Muller protocol, when a legitimate reader interrogates a tag, an
attacker can interrogate this tag before the reader carries out the third step.
After receiving the request message from the attacker, the tag increases i by
one. Thus, the hash value sent by the legitimate reader to the tag is treated
as an incorrect response and will not be accepted (desynchronization).
5. An attacker can repeatedly send the request message to the nearby tags
and look for the h ( id ) in the received replies. As a result, the attacker can
“track” a specific tag using its h ( id ).
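A small model of items 4 and 5, added here as an illustration and not taken from the chapter or from the Henrici-Muller paper. Assumptions: SHA-256 over length-prefixed parts stands in for h, the values inside each hash are combined by concatenation, Δi is the difference from the counter at the last accepted reader message, and all class and function names are hypothetical.

```python
import hashlib

def h(*parts: bytes) -> bytes:
    # Stand-in for h: SHA-256 over length-prefixed parts (assumption).
    d = hashlib.sha256()
    for p in parts:
        d.update(len(p).to_bytes(2, "big") + p)
    return d.digest()

def enc(i: int) -> bytes:
    return i.to_bytes(4, "big")

class Tag:
    def __init__(self, tag_id: bytes):
        self.id, self.i, self.i_ok = tag_id, 0, 0  # i_ok: i at last accepted message (assumed)

    def on_request(self):
        self.i += 1  # item 4: every request increases i by one
        return h(self.id), h(enc(self.i), self.id), self.i - self.i_ok  # {h(id), h(i id), Δi}

    def on_reader_message(self, r: bytes, proof: bytes) -> bool:
        ok = proof == h(r, enc(self.i), self.id)  # third step: must match the current i
        if ok:
            self.i_ok = self.i  # the id refresh itself is left out: its rule is not on this page
        return ok

class Reader:
    def __init__(self, records):  # {h(id): (id, i_ok)}
        self.db = dict(records)

    def third_step(self, reply, r: bytes):
        h_id, _h_i_id, delta = reply
        tag_id, i_ok = self.db[h_id]
        return r, h(r, enc(i_ok + delta), tag_id)

def run(interleave: bool) -> bool:
    """True if the tag accepts the legitimate reader's third-step message."""
    tag = Tag(b"constructed-tag-id")
    reader = Reader({h(tag.id): (tag.id, 0)})
    reply = tag.on_request()
    if interleave:
        tag.on_request()  # another request reaches the tag before step three
    return tag.on_reader_message(*reader.third_step(reply, b"constructed-r"))

def h_id_is_static(n: int = 5) -> bool:
    """True if h(id) repeats in every reply while h(i id) changes each time."""
    tag = Tag(b"constructed-tag-id")
    replies = [tag.on_request() for _ in range(n)]
    return len({r[0] for r in replies}) == 1 and len({r[1] for r in replies}) == n
```

`run(False)` is the undisturbed exchange, `run(True)` is the rejected third step of item 4, and `h_id_is_static()` shows the fixed h ( id ) field that makes the replies of item 5 linkable.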
3 Lim et al. RFID Protocols
In this section, we explain two RFID protocols proposed by Lim et al. [2]. The
first protocol is named the “challenge-response trigger” and uses a challenge-
response mechanism to provide the required security. In this scheme, each tag
contains its current id , and a copy of all the tag id s is kept in the database.
The communication process is shown in Fig. 2. Here, R and R c are random
challenges, ⊕ denotes the XOR function, and g is a one-way hash function [2]. In
the challenge-response trigger protocol, an entry is not deleted from the database
after the third step. The challenge-response trigger protocol is vulnerable to
some simple attacks as discussed below:
1. For most RFID applications, it is a reasonable assumption that a tag may
be captured and analyzed by an attacker. The attacker can interrogate the
captured tag for different values of R , and make a dictionary of some probable