Abstract
It is well-known that protocols that satisfy a security property when executed in isolation do not necessarily satisfy the same security property when they are executed in an environment containing other protocols.
We demonstrate this fact on a family of recently proposed RFID protocols by Lee, Batina, and Verbauwhede. We invalidate the authentication and untraceability claims made for several of the family's protocols.
We also present man-in-the-middle attacks on untraceability in all of the protocols in the family. Similar attacks can be carried out on some other protocols in the literature, as well.
We briefly indicate how to repair the protocols.
We demonstrate this fact on a family of recently proposed RFID protocols by Lee, Batina, and Verbauwhede. We invalidate the authentication and untraceability claims made for several of the family's protocols.
We also present man-in-the-middle attacks on untraceability in all of the protocols in the family. Similar attacks can be carried out on some other protocols in the literature, as well.
We briefly indicate how to repair the protocols.
| Original language | English |
|---|---|
| Pages (from-to) | 1-8 |
| Number of pages | 8 |
| Journal | Cryptology ePrint Archive |
| Volume | 2009 |
| Issue number | 332 |
| Publication status | Published - 8 Jul 2009 |
Keywords
- Cryptographic protocols/RFID protocols
- Authentication
- Compositionality
- Untraceability