On the (im)possibility of receiving security beyond 2^l using an l-bit PRNG: the case of Wang et. al. protocol

Masoumeh Safkhani; Mehdi Hosseinzadeh; Mojtaba Eslamnezhad Namin; Samad Rostampour; Nasour Bagheri

Paper 2015/365

On the (im)possibility of receiving security beyond 2^l using an l-bit PRNG: the case of Wang et. al. protocol

Masoumeh Safkhani, Mehdi Hosseinzadeh, Mojtaba Eslamnezhad Namin, Samad Rostampour, and Nasour Bagheri

Abstract

Recently,Wang et al. analyzed the security of two EPC C1-G2 compliant RFID authentication protocols, called RAPLT and SRP^+, and proved that these protocols are vulnerable against de-synchronization and secret disclosure attacks. The time complexity of their attacks were O(2^{16}). In addition, they proposed an improved version of SRP^+ entitled SRP^{++}, for which they claim the security would be O(2^{32}). However, in this letter, we analyze the security of SRP^{++} and show that the complexity of retrieving all secret parameters of a given tag is $O(2^{16})$, similar to its predecessor protocol.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Preprint. MINOR revision.
Keywords: RFID EPC-C1-G2 Authentication Security Vulnerabilities.
Contact author(s): na bagheri @ gmail com
History: 2015-09-13: revised; 2015-04-23: received; See all versions
Short URL: https://ia.cr/2015/365
License: CC BY

BibTeX

@misc{cryptoeprint:2015/365,
      author = {Masoumeh Safkhani and Mehdi Hosseinzadeh and Mojtaba Eslamnezhad Namin and Samad Rostampour and Nasour Bagheri},
      title = {On the (im)possibility of receiving security beyond 2^l using an l-bit {PRNG}: the case of Wang et. al. protocol},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/365},
      year = {2015},
      url = {https://eprint.iacr.org/2015/365}
}