Attacks on Recent RFID Authentication Protocols

Abstract

The developing of RFID systems in sensitive applications like e-passport, e-health, credit cards, and personal devices, makes it necessary to consider the related issues such as maximum reading distance, communication speed and data security. The use of signal processing methods is an efficient and convenient way to achieve the maximum reading distance and communication rate. However, the signal processing techniques are not adequate to provide a reasonable level of security and privacy for RFID systems. Thus, it is necessary to employ specific authentication protocols which assure data security and preserve the user's privacy. Among other security and privacy characteristic of an RFID authentication protocol, the untraceability and synchronization are the most important attributes. The former is strongly related to the privacy of tags and their holders, while the later has a significant role in the security and availability parameters. In this paper, we investigate two RFID authentication protocols proposed by Duc and Kim, and Song and Mitchell in terms of privacy and security. We analyze the protocol proposed by Duc and Kim and present desynchronization, traceability and forward traceability attacks. Besides, we study the weaknesses in the Song and Mitchell's protocol and address its defects by applying desynchronization, traceability and backward traceability attacks. We also propose our revisions to secure the Song and Mitchell's protocol against traceability and desynchronization attacks.