JOURNAL BROWSE
Search
Advanced SearchSearch Tips
Gröbner Basis Attacks on Lightweight RFID Authentication Protocols
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Gröbner Basis Attacks on Lightweight RFID Authentication Protocols
Han, Dae-Wan;
  PDF(new window)
 Abstract
Since security and privacy problems in RFID systems have attracted much attention, numerous RFID authentication protocols have been suggested. One of the various design approaches is to use light-weight logics such as bitwise Boolean operations and addition modulo between m-bits words. Because these operations can be implemented in a small chip area, that is the major requirement in RFID protocols, a series of protocols have been suggested conforming to this approach. In this paper, we present new attacks on these lightweight RFID authentication protocols by using the Grbner basis. Our attacks are superior to previous ones for the following reasons: since we do not use the specific characteristics of target protocols, they are generally applicable to various ones. Furthermore, they are so powerful that we can recover almost all secret information of the protocols. For concrete examples, we show that almost all secret variables of six RFID protocols, LMAP, , EMAP, SASI, Lo et al.`s protocol, and Lee et al.`s protocol, can be recovered within a few seconds on a single PC.
 Keywords
RFID;Authentication Protocol;Algebraic Attack;Grbner Basis;
 Language
English
 Cited by
1.
RCIA: A New Ultralightweight RFID Authentication Protocol Using Recursive Hash, International Journal of Distributed Sensor Networks, 2015, 2015, 1  crossref(new windwow)
2.
A New Ultralightweight RFID Authentication Protocol for Passive Low Cost Tags: KMAP, Wireless Personal Communications, 2016  crossref(new windwow)
3.
Pitfalls in Ultralightweight Authentication Protocol Designs, IEEE Transactions on Mobile Computing, 2016, 15, 9, 2317  crossref(new windwow)
4.
Recursive Linear and Differential Cryptanalysis of Ultralightweight Authentication Protocols, IEEE Transactions on Information Forensics and Security, 2013, 8, 7, 1140  crossref(new windwow)
5.
A New Ultralightweight RFID Mutual Authentication Protocol: SASI Using Recursive Hash, International Journal of Distributed Sensor Networks, 2016, 2016, 1  crossref(new windwow)
 References
1.
W.W. Adams and P. Loustaunau, "An Introduction to Grobner Bases," Graduate Studies in Mathematics, Vol.3, AMS, 1994.

2.
B. Alomair, L. Lazos, and R. Poovendran, "Passive Attacks on a Class of Authentication Protocols for RFID," Proceedings of ICISC 2007, LNCS 4817, Springer-Verlag, 2007, pp.102-115.

3.
G. Avoine, Cryptography in Radio Frequency Identification and Fair Exchange Protocols [dissertation]. Lausanne, Switzerland: EPFL; 2005.

4.
M. Brickenstein, A. Dreyer, PolyBoRi: "A Framework for Grobner Basis Computations with Boolean Polynomials," Electronic Proceedings of the MEGA 2007 - Efficient Methods in Algebraic Geometry, Strobl, Austria, 2007.

5.
J. Buchmann, A. Pyshkin, and R-P Weinmann, "Block Ciphers Sensitive to Grobner Basis Attacks," Proceedings of CT-RSA 2006, LNCS 3860, Springer-Verlag, 2006, pp.313-331.

6.
T. Cao, L. Bertino, and H. Lei, "Security Analysis of the SASI Protocol," IEEE Transactions on Dependable and Secure Computing, Vol.6, No.1, 2009, pp.73-77. crossref(new window)

7.
H.-Y. Chien, "SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication ans Strong Integrity," IEEE Transactions on Dependable and Secure Computing, Vol.4, No.4, 2007, pp.337-340. crossref(new window)

8.
C. Cid, S. Murphy, and M. Robshaw, Algebraic Aspects of the Advanced Encrpytion Standard, Springer-Verlag, 2006.

9.
N. Courtois, and J. Pieprzyk, "Cryptanalysis of Block Ciphers with Over-defined System of Equations," Proceedings of Asiacrypt 2002, LNCS 2501, Springer-Verlag, 2002, pp.267-287.

10.
N. Courtois, "Fast Algebraic Attacks on Stream Ciphers with Linear Feedback," Proceedings of Crypto 2003, LNCS 2729, Springer-Verlag, 2003, pp.176-194.

11.
N. Courtois and W. Meier, "Algebraic Attacks on Stream Ciphers with Linear Feedback," Proceedings of Eurocrypt 2003, LNCS 2656, Springer-Verlag, 2003, pp.345-359.

12.
J.-C. Faugere, "A New Efficient Algorithm for computing Grobner bases (F4)," Journal of Pure and Applied Algebra, Vol.139, 1999, pp.61-88. crossref(new window)

13.
J.-C. Faugere, "A New Efficient Algorithm for computing Grobner bases without Reduction to Zero (F5)," Proceedings of ISSAC 2002, pp.75-83.

14.
J.-C. Faugere, and A. Joux, "Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems using Grobner bases," Proceedings of Crypto 2003, LNCS 2729, Springer-Verlag, 2003, pp.44-60.

15.
M. Feldhofer, S. Dominikus, and J. Wolkerstorfer, "Strong Authentication for RFID Systems Using AES Algorithm," Proceedings of CHES 2004, LNCS 3156, Springer-Verlag, 2004, pp.357-370.

16.
M. Feldhofer and C. Rechberger, "A Case against Currently Used Hash Functions in RFID Protocols," Proceedings of RFIDSec 2006.

17.
C. Hung-Yu and H. Chen-Wei, "Security of ultra-lightweight RFID authentication protocols and its improvements," ACM SIGOPS Operating Systems Review, Vol.41, No.4, 2007, pp.83-86. crossref(new window)

18.
A. Juels, "RFID Security and Privacy: A Research Survey," IEEE Journal on Selected Areas in Communications, Vol.24, No.2, 2006, pp.381-394. crossref(new window)

19.
A. Juels, R. Rivest and M. Szydlo, "The Blocker tag: Selective Blocking of RFID Tags for Consumer Privacy," Proceedings of CCS 2003, ACM Press, 2003, pp.103-111.

20.
A. Juels and S. A. Weis, "Authenticating Pervasive Devices with Human Protocols," Proceedings of Crypto'05, LNCS 3621, Springer-Verlag, 2005, pp.293-308.

21.
Y.-C. Lee, Y.-C. Hsieh, P.-S. You, T.-C. Chen, "A New Ultralightweight RFID Protocol with Mutual Authentication," Proceedings of WASE 2009, Vol.2 of ICIE, 2009, pp.58-61.

22.
N.-W. Lo, H.-S. Shie, K.-H. Yeh, "A Design of RFID Mutual Authentication Protocol Using Lightweight Bitwise Operations," Proceedings of JWIS 2008.

23.
P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, and A. Ribagorda, "LMAP: A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags" Proceedings of UIC 2006, LNCS 4159, Springer-Verlag, 2006, pp.912-923.

24.
P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, and A. Ribagorda, "$M^2AP$: A Minimalist Mutual-Authentication Protocol for Low-cost RFID tags" Proceedings of UIC 2006, LNCS 4159, Springer-Verlag, 2006, pp.912-923.

25.
P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, and A. Ribagorda, "EMAP: An Efficient Mutual Authentication Protocol for Low-cost RFID tags," Proceedings of IS 2006, LNCS 4277, Springer-Verlag, 2006, pp.352-361.

26.
R. C.-W. Phan, "Cryptanalysis of a New Ultralightweight RFID Authentication Protocol-SASI," IEEE Transactions on Dependable and Secure Computing, Vol.6, No.4, 2009, pp.316-320. crossref(new window)

27.
Sage distribution of mathematical software, http://www.sagemath.org

28.
S. A. Weis, Security and Privacy in Radio-Frequency Identification Devices [dissertation]. Massachusetts: Massachusetts Institute of Technology (MIT); 2003.