Vulnerability Analysis of RFID Protocols for Tag Ownership Transfer

Author

Pedro PERIS-LOPEZ
Julio Hernandez-Castro
Juan Tapiador
Tieyan LI
Yingjiu LI, Singapore Management UniversityFollow

Publication Type

Journal Article

Version

submittedVersion

Publication Date

2010

Abstract

In RFIDSec’08, Song proposed an ownership transfer scheme, which consists of an ownership transfer protocol and a secret update protocol [7]. The ownership transfer protocol is completely based on a mutual authentication protocol proposed in WiSec’08 [8]. In Rizomiliotis et al. (2009) [6], van Deursen and Radomirovic (2008), the first weaknesses to be identified (tag and server impersonation) were addressed and this paper completes the consideration of them all. We find that the mutual authentication protocol, and therefore the ownership transfer protocol, possesses certain weaknesses related to most of the security properties initially required in protocol design: tag information leakage, tag location tracking, and forward traceability. Moreover, the secret update protocol is not immune to de-synchronization attacks.

Keywords

Security protocols, Authentication, Ownership transfer, RFID

Discipline

Information Security

Research Areas

Information Security and Trust

Publication

Computer Networks

Volume

54

Issue

9

First Page

1502

Last Page

1508

ISSN

1389-1286

Identifier

10.1016/j.comnet.2009.11.007

Publisher

Elsevier

Citation

PERIS-LOPEZ, Pedro; Hernandez-Castro, Julio; Tapiador, Juan; LI, Tieyan; and LI, Yingjiu. Vulnerability Analysis of RFID Protocols for Tag Ownership Transfer. (2010). Computer Networks. 54, (9), 1502-1508.
Available at: https://ink.library.smu.edu.sg/sis_research/1327

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-No Derivative Works 4.0 International License.

Additional URL

http://dx.doi.org/10.1016/j.comnet.2009.11.007