Abstract
The design of ultralightweight authentication protocols that conform to low-cost tag requirements is imperative. This paper analyses the most important proposals (except for those based in hard problems such as the HB [1-3] family) in the area [4-6] and identifies the common weaknesses that have left all of them open to various attacks [7-11]. Finally, we present Gossamer, a new protocol inspired by the recently published SASI scheme [13], that was lately also the subject of a disclosure attack by Hernandez-Castro et al.[14]. Specifically, this new protocol is designed to avoid the problems of the past, and we examine in some deep its security and performance.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Weis, S.: Security parallels between people and pervasive devices. In: Proc. of PERSEC 2005, pp. 105–109. IEEE Computer Society Press, Los Alamitos (2005)
Piramuthu, S.: HB and related lightweight authentication protocols for secure RFID tag/reader authentication. In: Proc. of CollECTeR 2006 (2006)
Munilla, J., Peinado, A.: HB-MP: A further step in the HB-family of lightweight authentication protocols. Computer Networks 51(9), 2262–2267 (2007)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: M2AP: A minimalist mutual-authentication protocol for low-cost RFID tags. In: Ma, J., Jin, H., Yang, L.T., Tsai, J.J.-P. (eds.) UIC 2006. LNCS, vol. 4159, pp. 912–923. Springer, Heidelberg (2006)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: LMAP: A real lightweight mutual authentication protocol for low-cost RFID tags. In: Hand. of Workshop on RFID and Lightweight Crypto (2006)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: EMAP: An efficient mutual authentication protocol for low-cost RFID tags. In: Meersman, R., Tari, Z., Herrero, P. (eds.) OTM 2006 Workshops. LNCS, vol. 4277, pp. 352–361. Springer, Heidelberg (2006)
Li, T., Deng, R.: Vulnerability analysis of EMAP - an efficient RFID mutual authentication protocol. In: Proc. of AReS 2007 (2007)
Li, T., Wang, G.: Security analysis of two ultra-lightweight RFID authentication protocols. In: Proc. of IFIP-SEC 2007 (2007)
Hung-Yu, C., Chen-Wei, H.: Security of ultra-lightweight RFID authentication protocols and its improvements. SIGOPS Oper. Syst. Rev. 41(4), 83–86 (2007)
Bárász, M., Boros, B., Ligeti, P., Lója, K., Nagy, D.: Breaking LMAP. In: Proc. of RFIDSec 2007 (2007)
Bárász, M., Boros, B., Ligeti, P., Lója, K., Nagy, D.: Passive Attack Against the M2AP Mutual Authentication Protocol for RFID Tags. In: Proc. of First International EURASIP Workshop on RFID Technology (2007)
Shamir, A.: SQUASH - A New MAC With Provable Security Properties for Highly Constrained Devices Such as RFID Tags. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 144–157. Springer, Heidelberg (2008)
Chien, H.-Y.: SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity. IEEE Transactions on Dependable and Secure Computing 4(4), 337–340 (2007)
Hernandez-Castro, J.C., Tapiador, J.M.E., Peris-Lopez, P., Quisquater, J.-J.: Cryptanalysis of the SASI Ultralightweight RFID Authentication Protocol. IEEE Transactions on Dependable and Secure Computing (submitted) (April 2008)
Weis, S.: Security and Privacy in Radio-Frequency Identification Devices. Master Thesis, MIT (2003)
Klimov, A., Shamir, A.: New Applications of T-functions in Block Ciphers and Hash Functions. In: Gilbert, H., Handschuh, H. (eds.) FSE 2005. LNCS, vol. 3557, pp. 18–31. Springer, Heidelberg (2005)
Sun, H.-M., Ting, W.-C., Wang, K.-H.: On the Security of Chien’s Ultralightweight RFID Authentication Protocol. Cryptology ePrint Archive, http://eprint.iacr.org/2008/083
Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda-Garnacho, A., Ramos-Alvarez, B.: Wheedham: An automatically designed block cipher by means of genetic programming. In: Proc. of CEC 2006, pp. 192–199 (2006)
Batina, L., Guajardo, J., Kerins, T., Mentens, N., Tuyls, P., Verbauwhede, I.: Public-Key Cryptography for RFID-Tags. In: Proc. of PerCom 2007, pp. 217–222 (2007)
Kumar, S., Paar, C.: Are standards compliant elliptic curve cryptosystems feasible on RFID. In: Proc. of RFIDSec 2006 (2006)
Hell, M., Johansson, T., Meier, W.: Grain: a stream cipher for constrained environments, http://www.ecrypt.eu.org/stream/
Hell, M., Johansson, T., Meier, W.: A stream cipher proposal: Grain-128, http://www.ecrypt.eu.org/stream/
Bogdanov, A., Knudsen, L.R., Leander, G., Paar, C., Poschmann, A., Robshaw, M.J.B., Seurin, Y., Vikkelsoe, C.: PRESENT: An Ultra-Lightweight Block Cipher. In: Paillier, P., Verbauwhede, I. (eds.) CHES 2007. LNCS, vol. 4727, pp. 450–466. Springer, Heidelberg (2007)
Feldhofer, M., Wolkerstorfer, J., Rijmen, V.: AES implementation on a grain of sand. In: Proc. on Information Security, vol. 152, pp. 13–20. IEEE Computer Society, Los Alamitos (2005)
Poschmann, A., Leander, G., Schramm, K., Paar, C.: New Light-Weight Crypto Algorithms for RFID. In: Proc. of ISCAS 2007, pp. 1843–1846 (2007)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: An Efficient Authentication Protocol for RFID Systems Resistant to Active Attacks. In: Denko, M.K., Shih, C.-s., Li, K.-C., Tsao, S.-L., Zeng, Q.-A., Park, S.H., Ko, Y.-B., Hung, S.-H., Park, J.-H. (eds.) EUC-WS 2007. LNCS, vol. 4809, pp. 781–794. Springer, Heidelberg (2007)
Peris-Lopez, P., Hernandez-Castro, J.C., Estevez-Tapiador, J.M., Ribagorda, A.: LAMED – A PRNG for EPC Class-1 Generation-2 RFID specification. Journal of Computer Standards & Interfaces (2008), doi:10.1016/j.csi.2007.11.013
O’Neill, M. (McLoone): Low-Cost SHA-1 Hash Function Architecture for RFID Tags. In: Hand. of Conference on RFID Security (2008)
Feldhofer, M., Rechberger, C.: A case against currently used hash functions in RFID protocols. In: Hand. of Workshop on RFID and Lightweight Crypto (2006)
Class-1 Generation-2 UHF air interface protocol standard version 1.0.9: “Gen-2” (2005), http://www.epcglobalinc.org/standards/
ISO/IEC 18000-6:2004/Amd:2006 (2006), http://www.iso.org/
Duc, D.N., Park, J., Lee, H., Kim, K.: Enhancing security of EPCglobal Gen-2 RFID tag against traceability and cloning. In: The 2006 Symposium on Cryptography and Information Security (2006)
Chien, H.Y., Chen, C.H.: Mutual authentication protocol for RFID conforming to EPC Class-1 Generation-2 standards. Computer Standards & Interfaces 29(2), 254–259 (2007)
Konidala, D.M., Kim, K.: RFID Tag-Reader Mutual Authentication Scheme Utilizing Tag’s Access Password. Auto-ID Labs White Paper WP-HARDWARE-033 (January 2007)
Burmester, M., de Medewiros, B.: The Security of EPCGen2 Anonymous compliant RFID Protocols. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 490–506. Springer, Heidelberg (2008)
Bono, S., Green, M., Stubblefield, A., Juels, A., Rubin, A., Szydlo, M.: Security analysis of a cryptographically-enabled RFID device. In: Proc. of 14th USENIX Security Symposium, pp. 1–16 (2005)
Garcia, F.D., de Koning Gans, G., Muijrers, R., van Rossum, P., Verdult, R., Wichers Schreur, R.: Dismantling MIFARE Classic. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283. Springer, Heidelberg (2008)
de Koning Gans, G., Hoepman, J.-H., Garcia, F.D.: A Practical Attack on the MIFARE Classic. In: Grimaud, G., Standaert, F.-X. (eds.) CARDIS 2008. LNCS, vol. 5189, pp. 267–282. Springer, Heidelberg (2008)
Karten, N., Plotz, H.: Mifare little security, despite obscurity (2007), http://events.ccc.de/congress/2007/Fahrplan/events/2378.en.html
Li, T., Wang, G.: SLMAP-A Secure ultra-Lightweight RFID Mutual Authentication Protocol. In: Proc. of Chinacrypt 2007 (2007)
Lo, N.-W., Shie, H.-S., Yeh, K.-H.: A Design of RFID Mutual Authentication Protocol Using Lightweight Bitwise Operations. In: Proc. of JWIS 2008 (2008)
Vajda, I., Buttyán, L.: Lightweight authentication protocols for low-cost RFID tags. In: Dey, A.K., Schmidt, A., McCarthy, J.F. (eds.) UbiComp 2003. LNCS, vol. 2864. Springer, Heidelberg (2003)
Juels, A.: Minimalist cryptography for low-cost RFID tags. In: Blundo, C., Cimato, S. (eds.) SCN 2004. LNCS, vol. 3352, pp. 149–164. Springer, Heidelberg (2005)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E., Ribagorda, A. (2009). Advances in Ultralightweight Cryptography for Low-Cost RFID Tags: Gossamer Protocol. In: Chung, KI., Sohn, K., Yung, M. (eds) Information Security Applications. WISA 2008. Lecture Notes in Computer Science, vol 5379. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00306-6_5
Download citation
DOI: https://doi.org/10.1007/978-3-642-00306-6_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00305-9
Online ISBN: 978-3-642-00306-6
eBook Packages: Computer ScienceComputer Science (R0)