1 / 19

Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions

Second ACM Conference on Wireless Network Security (WiSec ‘09). Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions. Shaoying Cai 1 Yingjiu Li 1 Tieyan Li 2 Robert H. Deng 1. 1 Singapore Management University

zora
Download Presentation

Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Second ACM Conference on Wireless Network Security (WiSec ‘09) Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions Shaoying Cai1 Yingjiu Li1 Tieyan Li2 Robert H. Deng1 1Singapore Management University 2Institute for Infocomm Research (I2R) March 16-18, 2009, Zurich, Switzerland

  2. Overall RFID Authentication Protocol for Low-Cost Tags B. Song and C. J. Mitchell (WiSec 08) Tag impersonation attack Song-Mitchell Protocol Server impersonation attack RFID Tag Ownership Transfer B. Song (RFIDsec 08) Song’s Secret Update Protocol De-synchronization attack

  3. Outline • RFID Background • Attacks and Improvements to the Song–Mitchell Protocol • Attacks and Improvements to the Song’s Secret Update Protocol • Conclusions

  4. Radio Frequency Identification System Components: Tag, Reader, Back-end database Characteristics: Wireless connection ( tag  reader ) Limited capability of the tags Attacker Model: Active attacker 100 meters Tag Reader Backend Server Attacker

  5. Privacy and Security Concerns of Mutual Authentication Protocol • Tag information privacy • Tag location privacy • Resistance to server\tag impersonation attack • Resistance to replay attack • Resistance to de-synchronization attack • Forward and backward security

  6. Privacy Concerns of Ownership Transfer • New owner privacy • Old owner privacy • Authorization recovery

  7. Song-Mitchell Mutual Authentication Protocol ti = h(si) Identification Implicit tag authentication Update Server authentication Update

  8. Server Impersonation Attack r1 M1 , M2 M3 Em, you are valid. M1 , M3 I’m server r1’ Result ? M1’, M2’ M3’

  9. Result of Server Impersonation Attack [(si,ti)new, (si,ti)old] Ti Server [t’] Search database, Search… Search…. But, r1 M1 , M2 It’s me, Ti…. I was changed by Attacker. Who are you?

  10. Tag Impersonation Attack I’m server Ti r1’ M1’, M2’ Yeah, you are Ti. I’m tag Ti r1 Result ? M1, M2 M3

  11. Vulnerability Analysis : >> : S >> l/2 = [S]R || [S]L

  12. Modified Song-Mitchell Protocol

  13. Song's secret update protocol ti ti’

  14. De-Synchronization Attack Update Ti’s secret to ti’ Ti r1,M1, M2 Ti r1,M1’ , M2’ r2’, M3’ Updates to ti’’

  15. Modified Tag Update Protocol

  16. Conclusions Song-Mitchell mutual authentication protocol Server impersonation attack Tag impersonation attack Tag secret update protocol De-synchronization attack

  17. Discussion • Performance F denotes a computationally complex function such as hash and keyed hash, and k is an integer between 1 and 2N • Formal Proof Will be given in our future work.

  18. Q & A?

  19. Thank you! Shaoying Cai: sycai@smu.edu.sg

More Related