Messages exchanged between Reader and Tag, by step number:
(1) Request
(2) RN16, check
(3) ck'
(4) EPC data
(5) Req RN (RN16)
(6) handle
(7) command (handle)
Fig. 5. The Gen2+ protocol proposed by Sun et al. [4]
Table 1. Security comparison of the RFID protocols explained in Sections 2-5

| Protocol \ Attack | Tracking | Desynchronization | Replay | DoS | Impersonating a real tag |
|---|---|---|---|---|---|
| Henrici-Muller [1] | No | No | No | Yes | No |
| Challenge-Response Trigger [2] | No | No | Yes | Yes | No |
| Forward Rolling Trigger [2] | No | No | Yes | No | No |
| Server-less Method [3] | No | No | Yes | Yes | No |
| Gen2+ [4] | No | No | No | Yes | No |
Table 2. Complexity comparison of the RFID protocols explained in Sections 2-5

| Protocol | Complexity |
|---|---|
| Henrici-Muller [1] | 4α + 3γ + 2λ |
| Challenge-Response Trigger [2] | 3α + β + γ + 2λ |
| Forward Rolling Trigger [2] | 4α + β + 3γ |
| Server-less Method [3] | 3α + β + 4λ |
| Gen2+ [4] | 2β + 3γ + λ + θ |
attacker can listen to the communication between the legitimate readers and the tags, and notice the presence of a specific tag, as the EPC data is sent in plaintext in the Gen2+ protocol.
2. An attacker can eavesdrop on the communication between a legitimate reader and a tag, and extract its EPC data, RN16 and check. The attacker can save this information on a fake tag. The fake tag then accepts any ck it receives from the reader and sends its EPC data in step (4) to impersonate the real tag.
3. An attacker can wait until a tag is interrogated by a legitimate reader and sends its RN16 and check in step (2). At this point and before the legitimate