Cryptography Reference
In-Depth Information
runs. After, key recovery, the adversary can easily distinguish a target tag with
any other challenge tag given by the challenger. So we have:
∀
40,
Adv
UNT
A
P
l
ref
≥
(128) = 2
Pr
(
T
´=
T
)
−
1=0
.
1
>
.
65,
Adv
UNT
A
P
∀
l
ref
≥
(256) = 2
Pr
(
T
´=
T
)
−
1=0
.
1
>
.
6 Conclusions
The design of suitable lightweight security protocols for low-cost RFID tags
is still a big challenge due to their severe constraints. Despite of interesting
proposals in the literature, this field still lacks a concrete solution.
Recently, Alomair
et al
have proposed the first authentication protocol based
on the notion of unconditional security. Regardless of some ine
ciencies in UCS-
RFID authentication protocol, such as: large key sizes, using modular multipli-
cation ,etc ,which makes this protocol an unsuitable nominate for low-cost RFID
tag deployment, we presented a passive attack which showed that even the se-
curity margin which was expected to be yielded by UCS-RFID has also been
overestimated.
In our attack, we showed that a passive adversary is able to achieve the
all secret keys of the system with a high probability of 0.99 by eavesdropping
less that 60 and 90 runs of the protocol for the key size of 128 and 256 bits
respectively. Tracing the tag in the protocol is also feasible even by less number
of runs of the protocol (e.g. 40, 65).
Our results suggest a major rethink in the design of the authentication proto-
cols for RFID systems based on unconditional security notion. Drastic changes
are necessary to fulfil both technological constraints and security concerns in
RFID systems.
References
1. Hopper, N.J., Blum, M.: Secure Human Identification Protocols. In: Boyd, C. (ed.)
ASIACRYPT 2001. LNCS, vol. 2248, pp. 52-66. Springer, Heidelberg (2001)
2. Bringer, J., Chabanne, H., Dottax, E.: HB++: a Lightweight Authentication Proto-
col Secure Against Some Attacks. In: IEEE International Conference on Pervasive
Services, Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous
Computing SecPerU (2006)
3. Bringer, J., Chabanne, H.: Trusted-HB: a low-cost version of HB+ secure against
man-in-the-middle attacks. CoRR, abs/0802.0603 (2008)
4. Bringer, J., Chabanne, H., Dottax, E.: HB++: a lightweight authentication pro-
tocol secure against some attacks. In: Second International Workshop on Secu-
rity, Privacy and Trust in Pervasive and Ubiquitous Computing (SecPerU 2006),
pp. 28-33. IEEE Computer Society, Los Alamitos (2006)
5. Duc, D.N., Kim, K.: Securing HB+ against GRS man-in-the-middle attack. In:
Institute of Electronics, Information and Communication Engineers, Symposium
on Cryptography and Information Security, Sasebo, Japan, January 23-26, p. 123
(2007)
Search WWH ::
Custom Search