research-article

Cryptanalysis of Dimitriou's Key Evolving RFID Systems

Authors:

Chung-Lun Cheng,

Chun-Ta LiAuthors Info & Claims

ICNCC '16: Proceedings of the Fifth International Conference on Network, Communication and Computing

Pages 229 - 233

https://doi.org/10.1145/3033288.3033292

Published: 17 December 2016 Publication History

Abstract

In the last decade, the technology of Radio Frequency Identification (RFID) has boomed in the wireless communication environment. Applications of RFID have matured and reached far into various fields such as smart building, healthcare, supply chain management, etc. However, along with the rapid advancement of RFID systems have come many security issues, among which stands the transfer of ownership. Generally speaking, RFID tags can be reused multiple times, and the identity of the owner of a tag can vary in different scenarios. Recently, Tassos Dimitriou published a study that presented several key evolving schemes and discussed the issue of how the ownership of RFID tags could be properly transferred with some security requirements met. Unfortunately, Dimitriou's systems have some security vulnerabilities. In this paper, the authors shall point out some weak-nesses of Dimitriou's RFID systems including the mutual authentication part of the basic authentication scheme, the backward privacy problem of the key update scheme, as well as backward privacy for controlled delegation and authorization recovery.

References

[1]

Asghar, M.H., Negi, A., and Mohammadzadeh, N., 2015. Principle application and vision in Internet of Things (IoT). In Computing, Communication & Automation (ICCCA), 2015 International Conference on, 427--431.

[2]

Lee, C.C., Hwang, M.S., and Liao, I.E., 2006. Security enhancement on a new authentication scheme with anonymity for wireless environments. IEEE Transactions on Industrial Electronics 53, 5, 1683--1687.

[3]

Miorandi, D., Sicari, S., De Pellegrini, F., and Chlamtac, I., 2012. Internet of things: Vision, applications and research challenges. Ad Hoc Networks 10, 7, 1497--1516.

Digital Library

[4]

Li, C.-T., Weng, C.-Y., and Lee, C.-C., 2015. A secure RFID tag authentication protocol with privacy preserving in telecare medicine information system. Journal of medical systems 39, 8, 1--8.

Digital Library

[5]

Weinstein, R., 2005. RFID: a technical overview and its application to the enterprise. IT Professional 7, 3, 27--33.

Digital Library

[6]

He, D. and Zeadally, S., 2015. An analysis of RFID authentication schemes for Internet of Things in healthcare environment using elliptic curve cryptography. IEEE Internet of Things Journal 2, 1, 72--83.

[7]

Lee, C.-C., Lou, D.-C., Li, C.-T., and Hsu, C.-W., 2014. An extended chaotic-maps-based protocol with key agreement for multiserver environments. Nonlinear Dynamics 76, 1, 853--866.

[8]

Niu, H., Taqieddin, E., and Jagannathan, S., 2016. EPC Gen2v2 RFID standard authentication and ownership management protocol. IEEE Transactions on Mobile Computing 15, 1, 137--149.

Digital Library

[9]

Zhang, Z., Wang, H., and Gao, Y., 2015. C2MP: Chebyshev chaotic map-based authentication protocol for RFID applications. Personal and Ubiquitous Computing 19, 7, 1053--1061.

Digital Library

[10]

Cui, P.-Y., 2016. An Improved Ownership Transfer and Mutual Authentication for Lightweight RFID Protocols. International Journal of Network Security 18, 6, 1173--1179.

[11]

Chikouche, N., Foudil, C., Cayrel, P.-L., and Benmohammed, M., 2015. Improved RFID Authentication Protocol Based on Randomized McEliece Cryptosystem. International Journal of Network Security 17, 4, 413--422.

[12]

Zuo, Y., 2010. Survivable RFID systems: Issues, Challenges, and Techniques. IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews) 40, 4, 406--418.

Digital Library

[13]

Dimitriou, T., 2016. Key evolving RFID systems: Forward/backward privacy and ownership transfer of RFID tags. Ad Hoc Networks 37, 195--208.

Digital Library

[14]

Sundaresan, S., DOSS, R., ZHOU, W., and PIRAMUTHU, S., 2015. Secure ownership transfer for multi-tag multi-owner passive RFID environment with individual-owner-privacy. Computer Communications 55, 112--124.

Digital Library

[15]

Peris-Lopez, P., Hernandez-Castro, J.C., Tapiador, J.M.E., LI, T., and LI, Y., 2010. Vulnerability analysis of RFID protocols for tag ownership transfer. Computer Networks 54, 9, 1502--1508.

Digital Library

[16]

Kardas, S., Akg, M., Kiraz, M.S., and Demirci, H., 2011. Cryptanalysis of lightweight mutual authentication and ownership transfer for RFID systems. In 2011 Workshop on Lightweight Security & Privacy: Devices, Protocols and Applications (LightSec), 20--25.

Digital Library

[17]

Lee, C.-C., Chen, C.-T., LI, C.-T., and Wu, P.-H., 2014. A practical RFID authentication mechanism for digital television. Telecommunication Systems 57, 3, 239--246.

Digital Library

[18]

Wang, L., Chen, K., Mao, X., and Wang, Y., 2015. On the security of a forward-backward secure signature scheme. International Journal of Network Security 17, 3, 307--310.

[19]

Wang, S., Liu, S., and Chen, D., 2012. Analysis and construction of efficient RFID authentication protocol with backward privacy. In China Conference on Wireless Sensor Networks Springer, 458--466.

Cited By

Luo JYang M(2019)A Secure Partial RFID Ownership Transfer Protocol with Multi-OwnersSensors10.3390/s2001002220:1(22)Online publication date: 19-Dec-2019
https://doi.org/10.3390/s20010022
Lee CChen SLi CCheng CLai Y(2018)Cryptanalysis of AN RFID Ownership Transfer Protocol Based on Cloud2018 5th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2018 4th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom)10.1109/CSCloud/EdgeCom.2018.00032(134-139)Online publication date: Jun-2018
https://doi.org/10.1109/CSCloud/EdgeCom.2018.00032
Lee CLi CCheng CLai YVasilakos A(2018)A Novel Group Ownership Delegate Protocol for RFID SystemsInformation Systems Frontiers10.1007/s10796-018-9835-xOnline publication date: 19-Feb-2018
https://doi.org/10.1007/s10796-018-9835-x

Recommendations

Key evolving RFID systems

RFID, which stands for Radio Frequency Identification, is a relatively new technology often envisioned as an enabler of the Internet of Things. The widespread use of this technology, however, introduces many security and privacy risks since tags contain ...
A scalable RFID authentication protocol supporting ownership transfer and controlled delegation
RFIDSec'11: Proceedings of the 7th international conference on RFID Security and Privacy

RFID systems allow fast and automatic identification of RFID tags through a wireless channel. Information on product items like name, model, purpose, expiration date, etc., can be easily stored and retrieved from RFID tags attached to items. That is why,...
Attacks on ownership transfer scheme for multi-tag multi-owner passive RFID environments

Sundaresan etźal. proposed recently a novel ownership transfer protocol for multi-tag multi-owner RFID environments that complies with the EPC Class1 Generation2 standard. The authors claim that this provides individual-owner privacy and prevents ...

Comments

Information & Contributors

Information

Published In

cover image ACM Other conferences

ICNCC '16: Proceedings of the Fifth International Conference on Network, Communication and Computing

December 2016

343 pages

ISBN:9781450347938

DOI:10.1145/3033288

Copyright © 2016 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 December 2016

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed limited

Conference

ICNCC '16

ICNCC '16: Fifth International Conference on Network, Communication and Computing

December 17 - 21, 2016

Kyoto, Japan

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

3
Total Citations
View Citations
63
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 09 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

Luo JYang M(2019)A Secure Partial RFID Ownership Transfer Protocol with Multi-OwnersSensors10.3390/s2001002220:1(22)Online publication date: 19-Dec-2019
https://doi.org/10.3390/s20010022
Lee CChen SLi CCheng CLai Y(2018)Cryptanalysis of AN RFID Ownership Transfer Protocol Based on Cloud2018 5th IEEE International Conference on Cyber Security and Cloud Computing (CSCloud)/2018 4th IEEE International Conference on Edge Computing and Scalable Cloud (EdgeCom)10.1109/CSCloud/EdgeCom.2018.00032(134-139)Online publication date: Jun-2018
https://doi.org/10.1109/CSCloud/EdgeCom.2018.00032
Lee CLi CCheng CLai YVasilakos A(2018)A Novel Group Ownership Delegate Protocol for RFID SystemsInformation Systems Frontiers10.1007/s10796-018-9835-xOnline publication date: 19-Feb-2018
https://doi.org/10.1007/s10796-018-9835-x

View Options

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents