Vulnerability Analysis of RFID Protocols for Tag Ownership Transfer Articles uri icon

publication date

  • June 2010

start page

  • 1502

end page

  • 1508

issue

  • 9

volume

  • 54

international standard serial number (ISSN)

  • 1389-1286

electronic international standard serial number (EISSN)

  • 1872-7069

abstract

  • In RFIDSec'08, Song proposed an ownership transfer scheme, which consists of an ownership transfer protocol and a secret update protocol [7]. The ownership transfer protocol is completely based on a mutual
    authentication protocol proposed in WiSec'08 [8]. In Rizomiliotis et al.
    (2009) [6], van Deursen and Radomirovic (2008), the first weaknesses to
    be identified (tag and server impersonation) were addressed and this
    paper completes the consideration of them all. We find that the mutual
    authentication protocol, and therefore the ownership transfer protocol,
    possesses certain weaknesses related to most of the security properties
    initially required in protocol design: tag information leakage, tag
    location tracking, and forward traceability. Moreover, the secret update
    protocol is not immune to de-synchronization attacks.