Volume 4, Issue 3 (9-2012)                   IJICTR 2012, 4(3): 33-43 | Back to browse issues page

XML Print

Download citation:
BibTeX | RIS | EndNote | Medlars | ProCite | Reference Manager | RefWorks
Send citation to:

Bagheri N, Safkhani M, Naderi M, Luo Y, Chai Q. Forgery Attack is a Piece of Cake on a Class of Mutual Authentication Protocols . IJICTR. 2012; 4 (3) :33-43
URL: http://ijict.itrc.ac.ir/article-1-178-en.html
1- Electrical Engineering Department, Shahid Rajaee Teacher Training University, Tehran, Iran
2- Electrical Engineering Department, Iran University of Science & Technology, Tehran, Iran
3- Department of Computer Science & Engineering, Shanghai Jiao Tong University, China
4- Department of Electrical & Computer Engineering, University of Waterloo, Canada
Abstract:   (2516 Views)

A suitable mutual authentication protocol for an RFID system should provide mutual authentication along with user privacy. In addition, such protocol must be resistant to active and passive attacks, e.g. man-in-the-middle attack, replay attack, reader-/tag-impersonation attack, denial of service attack and traceability attack. Among them, tag-impersonation attack refers to a forgery attack in which the adversary fools the legitimate reader to authenticate it as a valid tag. In this paper we exam the security of three RFID mutual authentication protocols which have been recently proposed by Luo et al., Shen et al. and Habibi and Gardeshi, under tag impersonation attack. We found that these three protocols share a same vulnerability – in each session, the tag and the reader generate a random value respectively and they use the exclusive-or (XOR) of those random values in the authentication process. We exploit this vulnerability to present effective and efficient tag impersonation attacks against these protocols, e.g., the success probabilities of our attacks are “1” and the complexity is at most two runs of each protocol. In addition, we exhibit the improved version of these protocols, which are immune from tag impersonation attacks.

Full-Text [PDF 1037 kb]   (1079 Downloads)    
Type of Study: Research | Subject: Information Technology

Add your comments about this article : Your username or Email: