You are looking at a specific version 20150913:171413 of this paper.
See the latest version.
Paper 2015/365
On the (im)possibility of receiving security beyond 2^l using an l-bit PRNG: the case of Wang et. al. protocol
Masoumeh Safkhani, Mehdi Hosseinzadeh, Mojtaba Eslamnezhad Namin, Samad Rostampour, Nasour Bagheri
Abstract
Recently,Wang et al. analyzed the security of two EPC C1-G2 compliant RFID authentication protocols, called RAPLT and SRP^+, and proved that these protocols are vulnerable against de-synchronization and secret disclosure attacks. The time complexity of their attacks were O(2^{16}). In addition, they proposed an improved version of SRP^+ entitled SRP^{++}, for which they claim the security would be O(2^{32}). However, in this letter, we analyze the security of SRP^{++} and show that the complexity of retrieving all secret parameters of a given tag is $O(2^{16})$, similar to its predecessor protocol.
Metadata
- Available format(s)
- Category
- Cryptographic protocols
- Publication info
- Preprint. MINOR revision.
- Keywords
- RFIDEPC-C1-G2AuthenticationSecurity Vulnerabilities.
- Contact author(s)
- na bagheri @ gmail com
- History
- 2015-09-13: revised
- 2015-04-23: received
- See all versions
- Short URL
- https://ia.cr/2015/365
- License
-
CC BY