Cryptology ePrint Archive: Report 2013/490

For an EPC-C1 G2 RFID compliant Protocol, CRC with Concatenation : No; PRNG with Concatenation : Yes

Masoumeh Safkhani, Nasour Bagheri

Abstract: In this paper we present new constraints to EPCglobal Class 1 Generation 2 (EPC-C1 G2) standard which if they have been considered in the design of EPC-C1 G2 complaint authentication protocols, lead to prevent predecessor's protocols' weaknesses and also present the secure ones. Also in this paper as an example, we use Pang \textit{et al.} EPC-C1 G2-friendly protocol which has been recently proposed, to show our proposed constraints in EPC-C1 G2 standard. Pang \textit{et al.}'s protocol security analysis show how its security claim based on untraceability and resistance against de-synchronization attacks is ruined. More precisely, we present very efficient de-synchronization attack and traceability attack against the protocol. Finally, take Pang \textit{et al.} protocol's vulnerability points, we present new conditions to design EPC-C1 G2 complaint protocols and based on it we propose a secure (EPC-C1 G2) RFID authentication scheme which is a good sample to EPC-C1 G2 complaint protocols.

Category / Keywords: cryptographic protocols / RFID, Mutual Authentication, EPC-C1 G2, Cyclic Redundancy Code, Pseudo Random Number Generator, De-synchronization, Traceability Attack

Date: received 12 Aug 2013, last revised 12 Aug 2013

Contact author: na bagheri at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20130815:071913 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]