Design Weaknesses in Recent Ultralightweight RFID Authentication Protocols - ICT Systems Security and Privacy Protection
Conference Papers Year : 2018

Design Weaknesses in Recent Ultralightweight RFID Authentication Protocols

Abstract

In this paper we focus our attention on the design of several recently proposed ultralightweight authentication protocols and show that the underlying methodology is not sound. Indeed, the common feature of these protocols lies in the use of transforms, which are the main building blocks. We analyze these transforms and show that all of them present some weaknesses, which can be essentially reduced to poor confusion and diffusion in the input-output mappings. Then, exploiting the weaknesses of the transforms, we describe impersonation attacks against the ultralightweight authentication protocols in which they are used: precisely, RCIA, KMAP, SLAP, and SASI$$^{+}$$+. On average, an attack requires a constant number of interactions with the targeted tag, compared to the allegedly needed exponential number in the informal security analysis. Moreover, since the weaknesses are in the transforms, the attack strategies we describe can be used to subvert any other protocol that uses the same transforms or closely-related ones.
Fichier principal
Vignette du fichier
472722_1_En_1_Chapter.pdf (325.15 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-02023727 , version 1 (21-02-2019)

Licence

Identifiers

Cite

P. D’arco, R. De Prisco. Design Weaknesses in Recent Ultralightweight RFID Authentication Protocols. 33th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2018, Poznan, Poland. pp.3-17, ⟨10.1007/978-3-319-99828-2_1⟩. ⟨hal-02023727⟩
70 View
86 Download

Altmetric

Share

More