EC-RAC: Enriching a Capacious RFID Attack Collection

Ton van Deursen, Saša Radomirović

Research output: Chapter in Book/Report/Conference proceedingConference contribution

12 Citations (Scopus)

Abstract

We demonstrate two classes of attacks on EC-RAC, a growing set of RFID protocols. Our first class of attacks concerns the compositional approach used to construct a particular revision of EC-RAC. We invalidate the authentication and privacy claims made for that revision. We discuss the significance of the fact that RFID privacy is not compositional in general. Our second class of attacks applies to all versions of EC-RAC and reveals hitherto unknown vulnerabilities in the latest version of EC-RAC. It is a general man-in-the-middle attack executable by a weak adversary. We show a general construction for improving narrow-weak private protocols to wide-weak private protocols and indicate specific improvements for the flaws of EC-RAC exhibited in this document.

Original languageEnglish
Title of host publicationRadio Frequency Identification
Subtitle of host publicationSecurity and Privacy Issues - 6th International Workshop, RFIDSec 2010 Istanbul, Turkey, June 8-9, 2010 Revised Selected Papers
EditorsSiddika Berna, Ors Yalcin
Place of PublicationBerlin
PublisherSpringer Verlag
Pages75-90
Number of pages16
ISBN (Electronic)9783642168222
ISBN (Print)9783642168215
DOIs
Publication statusPublished - 2010
Event6th International Workshop on Radio Frequency Identification: Security and Privacy Issues - Istanbul, Turkey
Duration: 8 Jun 20109 Jun 2010

Publication series

NameLecture Notes in Computer Science
Volume6370
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Workshop

Workshop6th International Workshop on Radio Frequency Identification: Security and Privacy Issues
Abbreviated titleRFIDSec 2010
CountryTurkey
CityIstanbul
Period8/06/109/06/10

Keywords

  • Attacks
  • Authentication
  • Compositionality
  • Privacy
  • RFID

Fingerprint Dive into the research topics of 'EC-RAC: Enriching a Capacious RFID Attack Collection'. Together they form a unique fingerprint.

  • Cite this

    van Deursen, T., & Radomirović, S. (2010). EC-RAC: Enriching a Capacious RFID Attack Collection. In S. Berna, & O. Yalcin (Eds.), Radio Frequency Identification: Security and Privacy Issues - 6th International Workshop, RFIDSec 2010 Istanbul, Turkey, June 8-9, 2010 Revised Selected Papers (pp. 75-90). (Lecture Notes in Computer Science ; Vol. 6370 ). Springer Verlag. https://doi.org/10.1007/978-3-642-16822-2_8