Security analysis on a family of ultra-lightweight RFID authentication protocols

Author

Tieyan LI
Guilin WANG
Robert H. DENG, Singapore Management UniversityFollow

Publication Type

Journal Article

Publication Date

3-2008

Abstract

In this paper, we analyze the security vulnerabilities of a family of ultra-lightweight RFID mutual authentication protocols: LMAP, M2AP and EMAP, which are recently proposed by Peris-Lopez et al. We identify two effective attacks, namely de-synchronization attack and full-disclosure attack, against their protocols. The former permanently disables the authentication capability of a RFID tag by destroying synchronization between the tag and the RFID reader. It can be carried out in just single round of interaction in the authentication protocols. The latter completely compromises a tag by extracting all the secret information stored in the tag. It is accomplished across several runs of the protocols. Moreover, we point out the potential countermeasures to improve the security of above protocols.

Keywords

RFID authentication, security and privacy, ultra-lightweight primitives

Discipline

Information Security

Research Areas

Information Security and Trust

Publication

Journal of Software

Volume

3

Issue

3

First Page

1

Last Page

10

ISSN

1796-217X

Identifier

10.4304/jsw.3.3.1-10

Publisher

Academy Publisher

Citation

LI, Tieyan; WANG, Guilin; and DENG, Robert H.. Security analysis on a family of ultra-lightweight RFID authentication protocols. (2008). Journal of Software. 3, (3), 1-10.
Available at: https://ink.library.smu.edu.sg/sis_research/795

Additional URL

http://dx.doi.org/10.4304/jsw.3.3.1-10