We demonstrate this fact on a family of recently proposed RFID protocols by Lee, Batina, and Verbauwhede. We invalidate the authentication and untraceability claims made for several of the family's protocols.
We also present man-in-the-middle attacks on untraceability in all of the protocols in the family. Similar attacks can be carried out on some other protocols in the literature, as well.
We briefly indicate how to repair the protocols.Category / Keywords: cryptographic protocols / RFID protocols, authentication, untraceability, compositionality Date: received 6 Jul 2009, last revised 8 Jul 2009 Contact author: ton vandeursen at uni lu Available format(s): PDF | BibTeX Citation Note: Removed one statement about a candidate hash function. Version: 20090708:122502 (All versions of this report) Short URL: ia.cr/2009/332 Discussion forum: Show discussion | Start new discussion