Paper 2012/490

Desynchronization Attack on RAPP Ultralightweight Authentication Protocol

Zahra Ahmadian, Mahmoud Salmasizadeh, and Mohammad Reza Aref


RAPP (RFID Authentication Protocol with Permutation) is a recently proposed efficient ultralightweight authentication protocol. The operation used in this protocol is totally different from the other existing ultralightweight protocols due to the use of new introduced data dependent permutations and avoidances of modular arithmetic operations and biased logical operations such as AND and OR. The designers of RAPP claimed that this protocol resists against desynchronization attacks since the last messages of the protocol is sent by the reader and not by the tag. This letter challenges this assumption and shows that RAPP is vulnerable against desynchronization attack. This attack has a remarkable probability of success and is effective whether Hamming weight-based or modular-based rotations are used by the protocol.

Note: -

Available format(s)
Cryptographic protocols
Publication info
Published elsewhere. Unknown where it was published
RAPPRFID securityUltralightweight protocolsdesynchronization attack.
Contact author(s)
zahraahmadian @ yahoo com
2012-09-06: revised
2012-09-03: received
See all versions
Short URL
Creative Commons Attribution


      author = {Zahra Ahmadian and Mahmoud Salmasizadeh and Mohammad Reza Aref},
      title = {Desynchronization Attack on RAPP Ultralightweight Authentication Protocol},
      howpublished = {Cryptology ePrint Archive, Paper 2012/490},
      year = {2012},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.