Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions - PowerPoint PPT Presentation

About This Presentation
Title:

Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions

Description:

Title: Slide 1 Author: TAN Chia-Zhi Last modified by: aaa Created Date: 5/18/2005 3:13:04 AM Document presentation format: On-screen Show Company: SMU – PowerPoint PPT presentation

Number of Views:72
Avg rating:3.0/5.0
Slides: 20
Provided by: TANC150
Learn more at: http://www.mysmu.edu
Category:

less

Transcript and Presenter's Notes

Title: Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions


1
Attacks and Improvements to an RFID Mutual
Authentication Protocol and its Extensions
Second ACM Conference on Wireless Network
Security (WiSec 09)
  • Shaoying Cai1 Yingjiu Li1
  • Tieyan Li2 Robert H. Deng1

1Singapore Management University 2Institute for
Infocomm Research (I2R) March 16-18, 2009,
Zurich, Switzerland
2
Overall
RFID Authentication Protocol for Low-Cost Tags
B. Song and C. J. Mitchell (WiSec 08)
Tag impersonation attack
Song-Mitchell Protocol
Server impersonation attack
RFID Tag Ownership Transfer B. Song (RFIDsec 08)
Songs Secret Update Protocol
De-synchronization attack
3
Outline
  • RFID Background
  • Attacks and Improvements to
  • the SongMitchell Protocol
  • Attacks and Improvements to
  • the Songs Secret Update
    Protocol
  • Conclusions

4
Radio Frequency Identification System
Components Tag, Reader, Back-end database
Characteristics Wireless connection ( tag ??
reader ) Limited
capability of the tags

Attacker Model Active attacker
100 meters
Tag
Reader
Backend Server
Attacker
5
Privacy and Security Concerns of Mutual
Authentication Protocol
  • Tag information privacy
  • Tag location privacy
  • Resistance to server\tag impersonation attack
  • Resistance to replay attack
  • Resistance to de-synchronization attack
  • Forward and backward security

6
Privacy Concerns of Ownership Transfer
  • New owner privacy
  • Old owner privacy
  • Authorization recovery

7
Song-Mitchell Mutual Authentication Protocol
ti h(si)
Identification
Implicit tag authentication
Update
Server authentication
Update
8
Server Impersonation Attack
r1
M1 , M2
M3
Em, you are valid.
M1 , M3
Im server
r1
Result ?
M1, M2
M3
9
Result of Server Impersonation Attack
(si,ti)new, (si,ti)old
Ti
Server
t
Search database, Search Search. But,
r1
M1 , M2
Its me, Ti. I was changed by Attacker.
Who are you?
10
Tag Impersonation Attack
Im server
Ti
r1
M1, M2
Yeah, you are Ti.
Im tag Ti
r1
Result ?
M1, M2
M3
11
Vulnerability Analysis

gtgt
S gtgt l/2 SR SL
12
Modified Song-Mitchell Protocol

13
Song's secret update protocol
ti ? ti
14
De-Synchronization Attack
Update Tis secret to ti

Ti
r1 , M1, M2
Ti
r1 , M1 , M2
r2, M3
Updates to ti
15
Modified Tag Update Protocol
16
Conclusions
Song-Mitchell mutual authentication protocol
Server impersonation attack
Tag impersonation attack
Tag secret update protocol
De-synchronization attack
17
Discussion
  • Performance

F denotes a computationally complex function such
as hash and keyed hash, and k is an integer
between 1 and 2N
  • Formal Proof

Will be given in our future work.
18
Q A?
19
Thank you!
  • Shaoying Cai
  • sycai_at_smu.edu.sg
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Attacks and Improvements to an RFID Mutual Authentication Protocol and its Extensions" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!