Paper 2015/615

Security Analysis of Niu et al. Authentication and Ownership Management Protocol

Nasour Bagheri, Masoumeh Safkhani, and Hoda Jannati

Abstract

Over the past decade, besides authentication, ownership management protocols have been suggested to transfer or delegate the ownership of RFID tagged items. Recently, Niu et al. have proposed an authentication and ownership management protocol based on 16-bit pseudo random number generators and exclusive-or operations which both can be easily implemented on low-cost RFID passive tags in EPC global Class-1 Generation-2 standard. They claim that their protocol offers location and data privacy and also resists against desynchronization attack. In this paper, we analyze the security of their proposed authentication and ownership management protocol and show that the protocol is vulnerable to secret disclosure and desynchronization attacks. The complexity of most of the attacks are only two runs of the protocol and the success probability of the attacks are almost 1.

Note: The work is on progress and the current may be revised.

Metadata
Available format(s)
PDF
Category
Cryptographic protocols
Publication info
Preprint. MINOR revision.
Keywords
RFIDownership transferownership delegationsecret disclosure attackdesynchronization attack
Contact author(s)
na bagheri @ gmail com
nbagheri @ srttu edu
History
2015-06-30: received
Short URL
https://ia.cr/2015/615
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2015/615,
      author = {Nasour Bagheri and Masoumeh Safkhani and Hoda Jannati},
      title = {Security Analysis of Niu et al. Authentication and Ownership Management Protocol},
      howpublished = {Cryptology {ePrint} Archive, Paper 2015/615},
      year = {2015},
      url = {https://eprint.iacr.org/2015/615}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.