Paper Info
Title
Cryptanalysis of the David-Prasad RFID ultralightweight authentication protocol
Abstract
In September 2009, David and Prasad proposed at MobiSec' 09 an interesting new ultralightweight mutual authentication protocol for low-cost RFID tags. In this paper, we present a quite powerful cryptanalytic attack against their proposal: we start with a traceability attack, then describe how it can be extended to leak long-term stored secrets, and finally present a full disclosure attack (named Tango attack) where all the secrets that the protocol is designed to conceal are shown to be retrievable, even by a passive attacker after eavesdropping only a small number of authentication sessions. These results imply that very realistic attack scenarios are completely possible. The Tango attack constitutes a new, simple, yet powerful technique of cryptanalysis which is based on the computation and full exploitation of multiple approximations to the secret values, using Hamming distances and the representation of variables in an n-dimensional space.
Year
DOI
Venue
2010
10.1007/978-3-642-16822-2_3
RFIDSec
Keywords
Field
DocType
new ultralightweight mutual authentication,authentication session,powerful cryptanalytic attack,hamming distance,tango attack,full disclosure attack,full exploitation,david-prasad rfid ultralightweight authentication,traceability attack,powerful technique,realistic attack scenario,authentication protocol
Mutual authentication,Computer security,Challenge–response authentication,Computer science,Cryptanalysis,Pre-play attack,Authentication protocol,Chosen-ciphertext attack,Reflection attack,Ciphertext-only attack
Conference
Volume
ISSN
ISBN
6370
0302-9743
3-642-16821-3
Citations 
PageRank 
References 
19
1.00
7
Authors
4
Name
Order
Citations
PageRank
Julio Cesar Hernandez-Castro146422.81
Pedro Peris-Lopez2107661.84
Raphael C.-W. Phan370366.89
Juan M. E. Tapiador41026.16