authors
- PERIS LOPEZ, PEDRO
- HERNANDEZ CASTRO, JULIO CESAR
- ESTEVEZ TAPIADOR, JUAN MANUEL
- RIBAGORDA GARNACHO, ARTURO
Cryptanalysis of a Novel Authentication Protocol Conforming to EPC-C1G2 Standard
Articles
Overview
published in
- COMPUTER STANDARDS & INTERFACES Journal
publication date
- February 2009
start page
- 372
end page
- 380
issue
- 2
volume
- 31
Digital Object Identifier (DOI)
International Standard Serial Number (ISSN)
- 0920-5489
Electronic International Standard Serial Number (EISSN)
- 1872-7018
abstract
- In 2006, the standard EPC Class-1 Generation-2 (EPC-C1G2) was ratified both by EPCglobal and ISO. This standard can be considered as a ''universal'' specification for low-cost RFID tags. Although it represents a great advance for the consolidation of RFID technology, it does not pay due attention to security and, as expected, its security level is very low. In 2007, Chien et al. published a mutual authentication protocol conforming to EPC-C1G2 which tried to correct all its security shortcomings. In this article, we point out various major security flaws in Chien et al.'s proposal. We show that none of the authentication protocol objectives are met. Unequivocal identification of tagged items is not guaranteed because of possible birthday attacks. Furthermore, an attacker can impersonate not only legitimate tags, but also the back-end database. The protocol does not provide forward security either. Location privacy is easily jeopardized by a straightforward tracking attack. Finally, we show how a successful auto-desynchronization (DoS attack) can be accomplished in the back-end database despite the security measures taken against it.