Paper 2012/489

Recursive Linear and Differential Cryptanalysis of Ultralightweight Authentication Protocols

Zahra Ahmadian, Mahmoud Salmasizadeh, and Mohammad Reza Aref

Abstract

Privacy is faced to serious challenges in the ubiquitous computing world. In order to handle this problem, some researches in recent years have focused on design and analysis of privacy friendly ultralightweight authentication protocols. In less than a decade, many ultralightweight authentication protocols are proposed. Though, successful crypanalyses are proposed for almost all of them, most of these attacks are based on ad-hoc methods that are not extensible to a large class of ultralightweight protocols. So this research area still suffers from the lack of structured cryptanalysis and evaluation ethods. In this paper, we introduce new frameworks for full disclosure attacks on ultralightweight authentication protocols based on new concepts of recursive linear and recursive differential cryptanalysis. Both of them exploit triangular functions in ultralightweight protocols and recover all secret data stored in the tag in a recursive manner. The recursive linear attack is applied to Yeh et al. and SLMAP authentication protocols. This attack is passive, deterministic (i.e. the attacker can retrieve all the secrets with probability of one), and requires only a single authentication session. The recursive differential attack is more powerful and can be applied to the protocols which linear attack may not work on. We show the effectiveness of this attack on LMAP++and SASI authentication protocols. This differential attack is probabilistic, active in the sense that the attacker suffices only to block some specific messages, and requires a few authentication sessions.

Note: -

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Published elsewhere. -
Keywords
RFID technologyUltralightweight authentication protocolsTriangular functionssystem of linear equations.
Contact author(s)
zahraahmadian @ yahoo com
History
2012-09-23: revised
2012-08-22: received
See all versions
Short URL
https://ia.cr/2012/489
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/489,
      author = {Zahra Ahmadian and Mahmoud Salmasizadeh and Mohammad Reza Aref},
      title = {Recursive Linear and Differential Cryptanalysis of Ultralightweight Authentication Protocols},
      howpublished = {Cryptology ePrint Archive, Paper 2012/489},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/489}},
      url = {https://eprint.iacr.org/2012/489}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.