Scalability and Security Conflict for RFID Authentication Protocols |
| |
Authors: | Imran Erguler Emin Anarim |
| |
Affiliation: | 1.TUBITAK-UEKAE,Gebze, Kocaeli,Turkey;2.Electrical-Electronics Engineering Department,Bogazici University,Bebek, Istanbul,Turkey |
| |
Abstract: | RFID technology continues to flourish as an inherent part of virtually every ubiquitous environment. However, it became clear
that the public—implying the industry—seriously needs mechanisms emerging the security and privacy issues for increasing RFID
applications. As the nodes of RFID systems mostly suffer from low computational power and small memory size, various attempts
which propose to implement the existing security primitives and protocols, have ignored the realm of the cost limitations
and failed. In this study, two recently proposed protocols—SSM and LRMAP—claiming to meet the standard privacy and security
requirements are analyzed. The design of both protocols based on defining states where the server authenticates the tag in
constant time in a more frequent normal state and needs a linear search in a rare abnormal states. Although both protocols
claim to provide untraceability criteria in their design objectives, we outline a generic attack that both protocols failed
to fulfill this claim. Moreover, we showed that the SSM protocol is vulnerable to a desynchronization attack which prevents
a server from authenticating a legitimate tag. Resultantly, we conclude that defining computationally unbalanced tag states
yields to a security/scalability conflict for RFID authentication protocols. |
| |
Keywords: | |
本文献已被 SpringerLink 等数据库收录! |
|