## Cryptology ePrint Archive: Report 2011/193

Security Analysis of $LMAP^{++}$, an RFID Authentication Protocol

Abstract: Low cost RFID tags are increasingly being deployed in various practical applications these days. Security analysis of the way these tags are used in an application is a must for successful adoption of the RFID technology. Depending on the requirements of the particular application, security demands on these tags cover some or all of the aspects such as privacy, untraceability and authentication. As a result of increasing deployment of RFID tags, many works on RFID protocols and their security analysis have appeared in the literature in the past few years. Although most protocol proposals also provide some justification for the claimed security properties of these protocols, independent third party evaluation has often revealed weaknesses in these protocols. In this work, we present a third party security evaluation of a recently proposed mutual authentication protocol $LMAP^{++}$.

Mutual authentication protocols are an important class of protocols for RFID applications. In these protocols, the reader and the tag of an RFID system run an interactive game to authenticate themselves to each other. In this work, we present traceability and desynchronization attacks against the protocol $LMAP^{++}$. First we show that $LMAP^{++}$ does not satisfy the security notion of traceability as defined in the model proposed by Jules and Weis. Using the ideas of this traceability attack, next we show that $LMAP^{++}$ also suffers from a desynchronization attack. The presented attacks have low complexities and high success probabilities. To the best of our knowledge, this the first attack on the $LMAP^{++}$ protocol.

Category / Keywords: cryptographic protocols / Desynchronization, $LMAP^{++}$, Mutual Authentication Protocol, Privacy, RFID, Traceability.