Browse > Article
http://dx.doi.org/10.13089/JKIISC.2007.17.4.103

Improved cryptanalysis of lightweight RFID mutual authentication Protocols LMAP, $M^2AP$, EMAP  

Kwon, Dae-Sung (National Security Research Institute)
Lee, Joo-Young (National Security Research Institute)
Koo, Bon-Wook (National Security Research Institute)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.17, no.4, 2007 , pp. 103-113 More about this Journal
Abstract
In this paper, we present a security analysis of Lightweight RFID Mutual Authentication Protocols-LMAP[10], $M^2AP$[11], EMAP[12]. Based on simple logic operations, the protocols were designed to be suitable for lightweight environments such as RFID systems. In [8,9], it is shown that these protocols are vulnerable to do-synchronization attacks with a high probability. The authors also presented an active attack that partially reveals a tag's secret values including its ID. In this paper, we point out an error from [9] and show that their do-synchronization attack would always succeed. We also improve the active attack in [9] to show an adversary can compute a tag's ID as well as certain secret keys in a deterministic way. As for $M^2AP$ and EMAP, we show that eavesdropping $2{\sim}3$ consecutive sessions is sufficient to reveal a tag's essential secret values including its ID that allows for tracing, do-synchronization and/or subsequent impersonations.
Keywords
RFID;
Citations & Related Records
연도 인용수 순위
  • Reference
1 J. Bringer, H. Chabanne, E. Dottax, 'HB++: A Lightweight Authentication Protocol Secure against Some Attacks,' Proceedings of SecPerU 2006, pp.28-33
2 T. Li, G. Wang. 'Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols', Proceeding of IFIP SEC 2007. May 2007
3 D. Kwon, D. Han, J. Lee and Y. Yeom, 'Vulnerability of an RFID Authentication Protocol Proposed at SecUbiq 2005', Proceeding of SecUbiq 2006, LNCS4097, pp.262-270, 2006
4 P. Peris-Lopez, J. C. Hermandez-Castro, J. M. Estevez-Tapaidor, A. Ribagorda, 'M2AP: A Minmalist Mutual- Authentication Protocol for Low-cost RFID tags.' Proceedings of UIC 2006, pp.912-923, 2006
5 P. Peris-Lopez, J. C. Hermandez-Castro, J. M. Estevez-Tapaidor, A. Ribagorda, 'EMAP: An Efficient Mutual- Authentication Protocol for Low-cost RFID tags.' Proceedings of OTM Federated Conferences and Workshop: IS Workshop 2006. pp. 352-361, 2006
6 M. Fredhofer and C. Rechberger, 'Case Against Currently Used Hash Functions in RFID Protocols', Proceedings of Workshop on RFID Security 2006. pp.372-381
7 J. Katz and J. S. Shin, 'Parallel and Concurrent Security of the HB and HB+ Protocols', Proceeding of EUROCRYPT 2006, LNCS4004, pp.73-87, 2006
8 M. Jung, H. Fiedler and R. Lerch, '8-bit microcontroller system with area efficient AES coprocessor for transponder applications', Ecrypt Workshop on RFID and Lightweight Crypto, Proceeding, Graz, pp.32-43, 2005
9 A. Juels and S. Weis, 'Authenticating Pervasive Devices with Human Protocols', Proceeding of CRYPTO 2005, LNCS3621, pp.293-308, 2005
10 International Standard ISO/IEC 18000-6: Information technology - Radio frequency identification for item management - Part 6: Parameters for air interface communications at 860MHz to 960MHz, 2004
11 T. Li, R. H. Deng. 'Vulnerability Analysis of EMAP-An Efficient RFID Mutual Authentication Protocol'. Proceeding of AReS 2007, April 2007
12 P. Peris-Lopez, J. C. Hermandez-Castro, J. M. Estevez-Tapaidor, A. Ribagorda, 'LMAP: A Real Leightweight Mutual Authentication Protocol for Low-cost RFID tags.' Workshop on RFID Security, RFIDSec 06, pp.137-148, July 2006