Cryptology ePrint Archive: Report 2010/463
Passive Cryptanalysis of the UnConditionally Secure Authentication Protocol for RFID Systems
Mohammad Reza Sohizadeh Abyaneh
Abstract: Recently, Alomair et al. proposed the rst UnConditionally
Secure mutual authentication protocol for low-cost RFID systems(UCS-
RFID). The security of the UCS-RFID relies on ve dynamic secret keys
which are updated at every protocol run using a fresh random number
(nonce) secretly transmitted from a reader to tags.
Our results show that, at the highest security level of the protocol (security parameter= 256), inferring a nonce is feasible with the probability of 0.99 by eavesdropping(observing) about 90 runs of the protocol. Finding a nonce enables a passive attacker to recover all ve secret keys of the protocol. To do so, we propose a three-phase probabilistic approach in this paper. Our attack recovers the secret keys with a probability that increases by accessing more protocol runs. We also show that tracing a tag using this protocol is also possible even with less runs of the protocol.
Category / Keywords: cryptographic protocols / RFID, Authentication Protocol, Passive Attack
Date: received 31 Aug 2010, last revised 4 Jan 2011
Contact author: reza sohizadeh at ii uib no
Available format(s): PDF | BibTeX Citation
Version: 20110104:152531 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]