Weaknesses in a new ultralightweight RFID authentication protocol with permutation-RAPP Articles uri icon

publication date

  • June 2014

start page

  • 945

end page

  • 949


  • 6


  • 7

International Standard Serial Number (ISSN)

  • 1939-0114

Electronic International Standard Serial Number (EISSN)

  • 1939-0122


  • Tian et al. proposed a novel ultralightweight RFID mutual authentication protocol [1] that has recently been analyzed in several articles. In this letter, we first propose a desynchronization attack that succeeds with probability almost 1, which improves upon the 0.25 given in a previous analysis by Ahmadian et al. We also show that the bad properties of the proposed permutation function can be exploited to disclose several bits of the tag's secret (rather than just 1bit as previously shown by Avoine et al.), which increases the power of a traceability attack. Finally, we show how to extend the aforementioned attack to run a full disclosure attack, which requires to eavesdrop less protocol runs than the proposed attack by Wang et al. (i.e., 192<<2 30). © 2013 John Wiley & Sons, Ltd.


  • attacks; authentication; rapp; rfid security; authentication; computer networks; information systems; attacks; de-synchronization attacks; rapp; rfid authentication protocols; rfid mutual authentication protocols; rfid security; traceability attacks; ultra lightweights; radio frequency identification (rfid)