Cryptology ePrint Archive: Report 2014/475

A Key Recovery Attack on Error Correcting Code Based a Lightweight Security Protocol

Imran Erguler

Abstract: One of the interesting types of RFID application is RFID searching which aims to hear a specific RFID tag from a large group of tags, i.e. ability of detecting whether a target RFID tag is nearby. Very recently, a lightweight protocol using error-correcting codes has been proposed by Chen et al. to provide a solution to needs in this field. The authors give a detailed analysis of their protocol in terms of security, privacy, communication overhead, hardware cost and they claim that it is a realizable scheme with fulfilling security and privacy requirements. In this study, however, we investigate security of this protocol and clearly demonstrate its security flaws that completely allow an adversary to exploit the system. In particular, by using linear properties of error correcting coding we firstly describe a tag tracing attack that undermines untraceability property which is one its design objectives. Then along with its implementation details we present a key recovery attack that reduces dramatically search space of a tag's secret key and show that an adversary can compromise it in practical time by only querying this tag for several times. As an illustrative example we retrieve the secret key of the protocol in two hours for the adopted linear block code C(47,24,11) which is one of the suggested codes.

Category / Keywords: cryptographic protocols / Authentication, error correcting coding, lightweight, privacy, RFID, security

Date: received 17 Jun 2014

Contact author: imran erguler at tubitak gov tr

Available format(s): PDF | BibTeX Citation

Version: 20140621:162902 (All versions of this report)

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]