### Passive Cryptanalysis of the UnConditionally Secure Authentication Protocol for RFID Systems

##### Abstract

Recently, Alomair et al. proposed the rst UnConditionally Secure mutual authentication protocol for low-cost RFID systems(UCS- RFID). The security of the UCS-RFID relies on ve dynamic secret keys which are updated at every protocol run using a fresh random number (nonce) secretly transmitted from a reader to tags. Our results show that, at the highest security level of the protocol (security parameter= 256), inferring a nonce is feasible with the probability of 0.99 by eavesdropping(observing) about 90 runs of the protocol. Finding a nonce enables a passive attacker to recover all ve secret keys of the protocol. To do so, we propose a three-phase probabilistic approach in this paper. Our attack recovers the secret keys with a probability that increases by accessing more protocol runs. We also show that tracing a tag using this protocol is also possible even with less runs of the protocol.

Available format(s)
Category
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
Keywords
RFIDAuthentication ProtocolPassive Attack
Contact author(s)
reza sohizadeh @ ii uib no
History
2011-01-04: last of 4 revisions
See all versions
Short URL
https://ia.cr/2010/463

CC BY

BibTeX

@misc{cryptoeprint:2010/463,