Vulnerability Analysis of RFID Protocols for Tag Ownership Transfer Articles

Overview

authors

PERIS LOPEZ, PEDRO
HERNANDEZ CASTRO, JULIO CESAR
ESTEVEZ TAPIADOR, JUAN MANUEL
LI, TIEYAN
YINGJIU, LI

published in

Computer Networks Journal

publication date

June 2010

start page

1502

end page

1508

issue

9

volume

54

Digital Object Identifier (DOI)

https://doi.org/10.1016/j.comnet.2009.11.007

International Standard Serial Number (ISSN)

1389-1286

Electronic International Standard Serial Number (EISSN)

1872-7069

abstract

In RFIDSec'08, Song proposed an ownership transfer scheme, which consists of an ownership transfer protocol and a secret update protocol [7]. The ownership transfer protocol is completely based on a mutual
authentication protocol proposed in WiSec'08 [8]. In Rizomiliotis et al.
(2009) [6], van Deursen and Radomirovic (2008), the first weaknesses to
be identified (tag and server impersonation) were addressed and this
paper completes the consideration of them all. We find that the mutual
authentication protocol, and therefore the ownership transfer protocol,
possesses certain weaknesses related to most of the security properties
initially required in protocol design: tag information leakage, tag
location tracking, and forward traceability. Moreover, the secret update
protocol is not immune to de-synchronization attacks.