Disclosure Attacks Research Articles

Discovering Suppliers’ Customers by means of Statistical Disclosure Attacks

This paper analyses the vulnerability of a Radio Frequency IDentification (RFID) equipped distribution centre (DC) of a supply chain against the Statistical Disclosure Attack (SDA). We built a simulation model to assess the success probabilities of the attack against differently configured distribution centres and attackers. The success probability of an SDA against a DC varies, depending on the organization of the DC, as well as on the number of customers and their structure. The success probability decreases if a supplier delivers multiple products to a customer in a single round, as well as if the fraction of observed deliveries by the attacker falls below a certain threshold.

Security Analysis and Improvement on Two RFID Authentication Protocols

Several lightweight RFID authentication protocols have been proposed to settle the security and privacy problems. Nevertheless, most of these protocols are analyzed and they are not successful in their attempt to achieve the claimed security objectives. In this paper, we consider the security of two recently proposed typical RFID authentication protocols: RAPLT protocol and SRP+ protocol. RAPLT protocol is a new ultra-lightweight RFID protocol based on two new operations named $$merge$$merge and $$separation$$separation. Utilizing the linear property of the $$merge$$merge operation, we present a passive disclosure attack on RAPLT protocol, and we can deduce the shared secrets with overwhelming probability after eavesdropping about 100 round authentication sessions. SRP+ protocol is a novel secure RFID authentication protocol conforming to the EPC C-1 G-2 standard, and we present efficient de-synchronization attack and passive disclosure attack through exhaustive search. Our disclosure attack only needs one run of the protocol, and the attack complexity is $$O(2^{16})$$O(216) evaluation of the PRNG function in off-line analysis mode. In addition, to counteract the vulnerabilities, we propose a new modified version of SRP+ protocol, denoted by $$ SRP ^{++}$$SRP++, conforming to the EPC C-1 G-2 standard. Our security analysis demonstrates that $$ SRP ^{++}$$SRP++ protocol can resist the exhaustive search attack with the complexity $$O(2^{32})$$O(232), which is the optimal security bound.

A reliable recommendation and privacy-preserving based cross-layer reputation mechanism for mobile cloud computing

Mobile cloud computing (MCC) is gaining popularity due to anywhere anytime data access. However, at the same time it also introduces the new privacy and security threats that have become an obstacle to the widespread use and popularity of MCC. In this paper, we propose a reliable recommendation and privacy preserving based cross-layer reputation mechanism (RP-CRM) to provide secure and privacy-aware communication process in wireless mesh networks (WMNs) based MCC (WM-MCC). RP-CRM integrates the cross-layer design with recommendation reputation reliability evaluation mechanism and the privacy preserving scheme to identify and manage the internal malicious nodes and protect the security and privacy against internal multi-layer attack, bad mouthing attack and information disclosure attack. Simulation results and performance analysis demonstrate that RP-CRM can provide rapid and accurate malicious node identification and management, and provide security and privacy protection against aforementioned attacks more effectively and efficiently.

A Least Squares Approach to the Static Traffic Analysis of High-Latency Anonymous Communication Systems

Mixes, relaying routers that hide the relation between incoming and outgoing messages, are the main building block of high-latency anonymous communication networks. A number of so-called disclosure attacks have been proposed to effectively de-anonymize traffic sent through these channels. Yet, the dependence of their success on the system parameters is not well-understood. We propose the Least Squares Disclosure Attack (LSDA), in which user profiles are estimated by solving a least squares problem. We show that LSDA is not only suitable for the analysis of threshold mixes, but can be easily extended to attack pool mixes. Furthermore, contrary to previous heuristic-based attacks, our approach allows us to analytically derive expressions that characterize the profiling error of LSDA with respect to the system parameters. We empirically demonstrate that LSDA recovers users' profiles with greater accuracy than its statistical predecessors and verify that our analysis closely predicts actual performance.

A New Ultralightweight RFID Protocol for Low-Cost Tags: R $$^{2}$$ 2 AP

Several ultralightweight radio frequency identification (RFID) authentication protocols have been proposed in recent years. However, all of these protocols are reported later that they are vulnerable to various kinds of attacks (such as replay attack, de-synchronization attack, full disclosure attack, etc.) and/or have user privacy concerns. In this paper, we propose a new ultralightweight RFID protocol named reconstruction based RFID authentication protocol (R $$^{2}$$ 2 AP), which is based on the use of a new bitwise operation reconstruction. Operation reconstruction has three important properties: Hamming weight unpredictability, irreversibility and effectiveness. Some or all of these properties are absent in previous protocols and therefore has caused a lot of insecurity issues. The proposed R $$^{2}$$ 2 AP takes advantage of reconstruction to guarantee security of RFID system. Furthermore, we improve the Juels---Weis untraceability model so that the extended mathematic model can be used to analyze security functionality for ultralightweight RFID protocols. Our security analysis and performance evaluations demonstrate that (1) R $$^{2}$$ 2 AP can withstand all attacks mentioned in the paper and protect users' privacy; (2) R $$^{2}$$ 2 AP is indeed an effective RFID protocol that can be implemented on low-cost tags.

A Review of Privacy Preservation Technique

Privacy-preserving is one of the most important challenges in a computer world, because of the huge amount of sensitive information on the internet. The paper contains several privacy preservation techniques for data publishing in the real world. There are several privacy attacks are associate but among of them mainly two attacks are record linkage and attribute linkage. Many scientists have proposed methods to preserve the privacy of data publishing such as K-anonymity, l-diversity, t-closeness. K-anonymity can prevent the record linkage but unable to protect attribute linkage. l-diversity technique overcomes the drawback of k-anonymity technique but it fail to protect from membership discloser attack. Tcloseness technique prevents to attribute discloser attack but it fail in identity disclosure attack. Its computational complexity is large. In this paper we present the novel technique call slicing which to be implemented with various data set through prevent the privacy preservation for data publishing. The goals of this paper is re-analysis a number of privacy preservation of data mining technique clearly and then study the advantages and disadvantages of this technique.

Security enhancement of the authenticated RFID security mechanism based on chaotic maps

ABSTRACTWith the fast growth of the automatic authentication and asset tracking usage in a wide variety of applications in different fields, government, logistics, transportation and retail are among the most supportive of the radio‐frequency identification (RFID) market. Security is a crucial issue and must be addressed seriously. RFID security must meet the public demand of data protection. Recently, several lightweight RFID authentication protocols conforming to the EPCglobal Class 1 Generation 2 (EPC C1‐G2) standard have been proposed. In this paper, we present efficient attacks against the authenticated RFID security mechanism of Chang et al. based on Chebyshev chaotic maps, which is the first solution that adopted the chaos in the RFID authentication process. It turns out that this protocol has fundamental weaknesses that can be used by an adversary to break the system. We will show that this protocol is vulnerable to tracking attack, secret disclosure attack, impersonation attack and desynchronization attack. The proposed attack techniques are in light of two flaws related to the message generation and the shared‐secret update process, which are not neatly scrutinized. Then, we propose an improved RFID authentication protocol based on the Chebyshev chaotic map hard problem, conforming to the EPC C1‐G2 standard with more flexibility, security and mobility for the RFID application. Copyright © 2014 John Wiley & Sons, Ltd.

Anonymizied Approach to Preserve Privacy of Published Data Through Record Elimination

Data mining is the process of analyzing data. Data Privacy is collection of data and dissemination of data. Privacy issues arise in different area such as health care, intellectual property, biological data, financial transaction etc. It is very difficult to protect the data when there is transfer of data. Sensitive information must be protected. There are two kinds of major attacks against privacy namely record linkage and attribute linkage attacks. Research have proposed some methods namely k-anonymity, l-diversity, t-closeness for data privacy. K-anonymity method preserves the privacy against record linkage attack alone. It is unable to prevent address attribute linkage attack. l-diversity method overcomes the drawback of k-anonymity method. But it fails to prevent identity disclosure attack and attribute disclosure attack. t-closeness method preserves the privacy against attribute linkage attack but not identity disclosure attack. A proposed method used to preserve the privacy of individuals' sensitive data from record and attribute linkage attacks. In the proposed method, privacy preservation is achieved through generalization by setting range values and through record elimination. A proposed method overcomes the drawback of both record linkage attack and attribute linkage attack

Recursive Linear and Differential Cryptanalysis of Ultralightweight Authentication Protocols

Privacy is faced with serious challenges in the ubiquitous computing world. In order to handle this problem, some researchers in recent years have focused on design and analysis of privacy-friendly ultralightweight authentication protocols. Although the majority of these schemes have been broken to a greater or lesser extent, most of these attacks are based on ad-hoc methods that are not extensible to a large class of ultralightweight protocols. So this research area still suffers from the lack of structured cryptanalysis and evaluation methods. In this paper, we introduce new frameworks for full disclosure attacks on ultralightweight authentication protocols based on new concepts of recursive linear and recursive differential cryptanalysis. The recursive linear attack is passive, deterministic, and requires only a single authentication session, if it can be applied successfully. The recursive differential attack is more powerful and can be applied to the protocols on which the linear attack may not work. This attack is probabilistic, active in the sense that the attacker suffices only to block some specific messages, and requires a few authentication sessions. Having introduced these frameworks in a general view, we apply them on some well-known ultralightweight protocols. The first attack can retrieve all the secret data of Yeh and SLMAP authentication protocols and the second one can retrieve all the secret data of LMAP <sup xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">++</sup> , SASI, and David-Prasad authentication protocols.

A New Method for Preserving Privacy in Data Publishing Against Attribute and Identity Disclosure Risk

Sharing, transferring, mining and publishing data are fundamental operations in day to day life. Preserving the privacy of individuals is essential one. Sensitive personal information must be protected when data are published. There are two kinds of risks namely attribute disclosure and identity disclosure that affects privacy of individuals whose data are published. Early Researchers have contributed new methods namely k-anonymity, l-diversity, t-closeness to preserve privacy. K-anonymity method preserves privacy of individuals against identity disclosure attack alone. But Attribute disclosure attack makes compromise this method. Limitation of k-anonymity is fulfilled through l-diversity method. but it does not satisfies the privacy against identity disclosure attack and attribute disclosure attack in some scenarios. The efficiency of t-closeness method is better than k-anonymity and l-diversity. But the complexity of Computation is more than other proposed methods. In this paper, the authors contributes a new method for preserving the privacy of individuals’ sensitive information from attribute and identity disclosure attacks. In the proposed method, privacy preservation is full filled through generalization of quasi identifiers by setting range values.

Weaknesses in a new ultralightweight RFID authentication protocol with permutation—RAPP

ABSTRACTTian et al. proposed a novel ultralightweight RFID mutual authentication protocol [1] that has recently been analyzed in several articles. In this letter, we first propose a desynchronization attack that succeeds with probability almost 1, which improves upon the 0.25 given in a previous analysis by Ahmadian et al. We also show that the bad properties of the proposed permutation function can be exploited to disclose several bits of the tag's secret (rather than just 1 bit as previously shown by Avoine et al.), which increases the power of a traceability attack. Finally, we show how to extend the aforementioned attack to run a full disclosure attack, which requires to eavesdrop less protocol runs than the proposed attack by Wang et al. (i.e., 192 &lt; &lt; 2 30). Copyright © 2013 John Wiley &amp; Sons, Ltd.

Security analysis of a RFID authentication protocol based on physically unclonable function

The Radio Frequency IDentification(RFID) authentication protocols based on Physically Unclonale Function(PUF) is a hot research field recent years.In 2011,Bassil et al.proposed a new RFID authentication protocol based on PUF in international conference on Internet technology and secured transactions(BASSIL R,EL-BEAINO W,KAYSSI A,et al.A PUF-based ultra-lightweight mutual-authentication RFID protocol [C]// 2011 International Conference on Internet Technology and Secured Transactions.Piscataway: IEEE,2011: 495-499).The paper analyzed the security of this protocol by an imaginative adversary and found that it cannot resist secret disclosure attack,traceability attack,reader impersonation attack and desynchronization attack.The paper described the details of these attacks and computed their success probabilities and computation complexities.

A note on the security of IS-RFID, an inpatient medication safety

ObjectiveIn this paper we investigate the security level of a comprehensive RFID solution to enhance inpatient medication safety [2], named IS-RFID, which has been recently proposed by Peris-Lopez et al. MethodWe analyses the security of the protocol against the known attacks in the context. The main target of this paper is to determine whether the new protocol provides the confidentiality property, which is expected to be provided by such a protocol. ResultsIt was found that IS-RFID has critical weaknesses. The presented security investigations show that a passive adversary can retrieve secret parameters of patient's tag in cost of O(216) off-line PRNG evaluations. Given the tag's secret parameters, any security claims are ruined. ConclusionsIn this paper we presented an efficient passive secret disclosure attack which retrieves the main secret parameters related to the patient which shows that IS-RFID may put the patient safety on risk. The proposed attacking technique is in light of two vulnerabilities of the protocol: (1) the short length of the used PRNG, which is urged by the target technology, EPC C1 Gen2 [6]; (2) the message-generating mechanism utilizing PRNG was not carefully scrutinized. While the later point can be fixed by careful designing of the transferred messages between the protocol's party, the earlier point, i.e., the short length of the available PRNG for EPC C1 Gen2 tags, is a limitation which is forced by the technology. In addition, over the last years, schemes based solely on using simple operations or short PRNG (such as IS-RFID) have been shown to offer very low or no security at all. Recent advances in lightweight ciphers, such as PRESENT [1] or Grain [3], seem a much more appropriate solution rather than relying on short PRNGs. However, such solutions breaks the EPC C1 Gen2 compatibility.

Cryptanalysis of the RNTS system

Internet of Things is a paradigm that enables communication between different devices connected to a local network or to Internet. Identification and communication between sensors used in Internet of Things and devices like smart-phones or tablets are established using radio frequency identification technology. However, this technology still has several security and privacy issues because of its severe computational constraints. In 2011, Jeong and Anh proposed the combined use of an authentication radio frequency identification protocol together with a ticket issuing system for bank services (in J. Supercomput. 55:307, 2011). In this paper we show that their message generation is weak, because it abuses the XOR operation and the use of a counter, which leaks too much secret protocol information. Our analysis shows important security faults that ruin most of the security properties claimed in the original paper. More precisely, information privacy (via a disclosure and leakage attack) and location privacy (traceability attack) are both compromised. Moreover, an attacker can disrupt the proper working of the system by exploiting the fact that message integrity is not properly checked.

Implementation of a Memory Disclosure Attack on Memory Deduplication of Virtual Machines

Memory deduplication improves the utilization of physical memory by sharing identical blocks of data. Although memory deduplication is most effective when many virtual machines with same operating systems run on a CPU, cross-user memory deduplication is a covert channel and causes serious memory disclosure attack. It reveals the existence of an application or file on another virtual machine. The covert channel is a difference in write access time on deduplicated memory pages that are re-created by Copy-On-Write, but it has some interferences caused by execution environments. This paper indicates that the attack includes implementation issues caused by memory alignment, self-reflection between page cache and heap, and run-time modification (swap-out, anonymous pages, ASLR, preloading mechanism, and self-modification code). However, these problems are avoidable with some techniques. In our experience on KSM (kernel samepage merging) with the KVM virtual machine, the attack could detect the security level of attacked operating systems, find vulnerable applications, and confirm the status of attacked applications.

SDA-2H: Understanding the Value of Background Cover Against Statistical Disclosure

The statistical disclosure attack (SDA) is an effective method for compromising the anonymity of users in a mix based system. Cover traffic, in the form of fake or dummy messages sent by other users of the mix, is an effective defense to make the task of the attacker difficult. Our aim is to examine the effect that background cover -- the cover traffic sent by other users -- has on the effectiveness of statistical disclosure attacks. Since the original SDA does not explicitly account for background traffic volumes, we developed an extension to the SDA called SDA-2H that uses this information to improve upon the SDA. Based on this attack, we are able to quantify the importance of background cover traffic, which we show in simulation to be effective in many scenarios.

Cryptanalysis of the Fast Lightweight Mutual Authentication Protocol

Security counts as a critical barrier to continuing growth of RFID industry due to lack of a proper high performance lightweight protocol-based solution. Amongst recent developments the Fast Lightweight Mutual Authentication Protocol (FLMAP) has been accepted for its superior speed and low complexity features. Here we examine the security strengths of FLMAP through systematic cryptanalysis tests. Outcome of our investigation show that in spite of its superior speed and power saving features FLMAP shows some serious design gaps and shortfalls against two specifically selected desynchronization and ID disclosure attacks. Finally, we propose solutions to fix the FLMAP designing and security flaws.

Cryptanalysis of Sood et al.'s Dynamic Identity Based Authentication Protocol for Multi-Server Architecture

Sood, Sarje, and Singh recently proposed a secure dynamic identity-based (ID-based) authentication protocol for multi-server architectures utilizing smart cards, wherein they reveal security weaknesses of Hsiang and Shih’s dynamic identity-based remote user authentication scheme. Sood et al. claim their proposed scheme can provide protection from various attacks such as replay, malicious user, stolen smart card, and offline dictionary attacks. However, we found their protocol does not have any defense mechanism against denial-of-service (DoS) or distributed denial-of-service (DDoS) attacks such as resource exhaustion attack which severely affects cascade style authentication schemes. We also found the protocol is susceptible to smart card vulnerabilities such as power analysis attack from privileged insiders. In addition, if an attacker has knowledge of both the verification tables and the master secret of the control server, the client verification tables and the service provider server database are susceptible to the verifier disclosure attack and offline dictionary attack. In this paper, we will demonstrate that Sood et al.’s protocol is insecure and suffers from aforementioned potential security vulnerabilities in detail.

A Novel Authentication Protocol suitable to EPC Class 1 Generation 2 RFID system

RFID, capable of non-contact automatic identification using the small, low-cost RFID tags, is taking the place of barcodes to become electronic tags of the new generation. EPCglobal Class-1 Generation-2 specification (Gen2 in brief) has been approved as ISO18000-6C for global use, but the identity of tag (TID) is delivered in plaintext which makes insecurity. Several solutions have been proposed based on Cyclic Redundancy Check (CRC). Due to the bad properties of the CRC function used in the protocol; the claimed security objectives are not met. In this paper, we propose a novel authentication protocol based on Gen2 for low-cost RFID tags which use the Pseudo-Random Number Generator (PRNG in brief) function instead of the CRC function. The advantages of the novel authentication is that the proposed protocol could withstand de-synchronization attack, disclosure attack and cloning attack, furthermore, it also could provide anonymity and mutual authentication.

Non‐linearity cannot help RFID resist full‐disclosure attacks and terrorist fraud attacks

ABSTRACTAs the concept of radio‐frequency identification (RFID) relay attack has been successfully implemented and demonstrated, the research of RFID distance‐bounding protocols to deter RFID relay attacks has drawn much attention from both the industry and academia. Conventionally, researchers adopted linear composition of secrets to resist terrorist fraud attacks. Recently, Peris‐Lopez et al. studied the weaknesses of previous RFID distance‐bounding protocols and proposed that non‐linear composition of secrets and inclusion of more random nonce could help RFID resist key disclosure attack and terrorist fraud attack. In this paper, we will show that non‐linear composition of secrets cannot help enhance the security actually. Copyright © 2012 John Wiley &amp; Sons, Ltd.