HAL will be down for maintenance from Friday, June 10 at 4pm through Monday, June 13 at 9am. More information
Skip to Main content Skip to Navigation
Conference papers

Design Weaknesses in Recent Ultralightweight RFID Authentication Protocols

Abstract : In this paper we focus our attention on the design of several recently proposed ultralightweight authentication protocols and show that the underlying methodology is not sound. Indeed, the common feature of these protocols lies in the use of transforms, which are the main building blocks. We analyze these transforms and show that all of them present some weaknesses, which can be essentially reduced to poor confusion and diffusion in the input-output mappings. Then, exploiting the weaknesses of the transforms, we describe impersonation attacks against the ultralightweight authentication protocols in which they are used: precisely, RCIA, KMAP, SLAP, and SASI$$^{+}$$+. On average, an attack requires a constant number of interactions with the targeted tag, compared to the allegedly needed exponential number in the informal security analysis. Moreover, since the weaknesses are in the transforms, the attack strategies we describe can be used to subvert any other protocol that uses the same transforms or closely-related ones.
Document type :
Conference papers
Complete list of metadata

Cited literature [8 references]  Display  Hide  Download

Contributor : Hal Ifip Connect in order to contact the contributor
Submitted on : Thursday, February 21, 2019 - 4:05:33 PM
Last modification on : Monday, October 19, 2020 - 8:02:03 PM
Long-term archiving on: : Wednesday, May 22, 2019 - 8:18:47 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License



P. D’arco, R. Prisco. Design Weaknesses in Recent Ultralightweight RFID Authentication Protocols. 33th IFIP International Conference on ICT Systems Security and Privacy Protection (SEC), Sep 2018, Poznan, Poland. pp.3-17, ⟨10.1007/978-3-319-99828-2_1⟩. ⟨hal-02023727⟩



Record views


Files downloads