Strengthening the Security of EPC C-1 G-2 RFID Standard

Abstract

In this paper, we analyze the security of AZUMI protocol which is compliant with EPC-Class-1 Generation-2 standard and recently has been proposed by Peris et al. This protocol is an improvement to a protocol proposed by Chen and Deng which has been cryptanalysed by Peris et al. and Kapoor and Piramuthu. However, our security analysis clearly shows that the designers were not successful in their attempt to improve Chen and Deng protocol. More precisely, we present an efficient passive attack to disclose the tag and the reader secret parameters, due to PRNG and the length of the values. In addition, we present a simple tag impersonation attack against this protocol. The success probability of all attacks are almost "1" and the cost of given attacks are at most eavesdropping two sessions of protocol. However, the given secrets disclosure attack also requires $$O(2^{16})$$ off-line evaluations of a $$PRNG$$ function. To counteract such flaws, we improve the AZUMI protocol by applying some minor modifications so that it provides the claimed security properties.