Abstract
Peris-Lopez et al. (J Netw Comput Appl 34:833–845, 2011) recently provided some guidelines that should be followed to design a secure yoking proof protocol. In addition, conforming to those guidelines and EPC C1-G2, they presented a yoking proof for medical systems based on low-cost RFID tags, named Kazahaya. In this paper, we compromise its security and show how a passive adversary can retrieve secret parameters of a patient’s tag in cost of $$O(2^{16})$$ off-line PRNG evaluations. Nevertheless, to show other weaknesses of the protocol and rule out any possible improvement by increasing the length of the used PRNG, we present a forgery attack that proves that a generated proof at time $$t_n$$ can be used to forge a valid proof for any desired time $$t_j$$ . The success probability of this attack is ‘1’ and the complexity is negligible. In addition, we present a new lightweight protocol based on 128-bit PRNG function to solve the problems of Kazahaya protocol. In terms of security, we evaluate the new protocol based on formal and informal methods and prove that the improved protocol is not vulnerable to RFID attacks.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.