Cryptanalysis of the Improved SPRS Protocol: an Authentication Protocol for RFID Systems

Q: How can I download an article?

To download an article from SID, first log in to the site, search for the article title, and click on the 'Download Article' option.

Q: How can I download an ISI article?

To download an ISI article on SID, enter the keyword or article title in the search bar, view the relevant results, click on the desired article, and select the 'Download Article' option.

Q: How can I access the SID database?

To access the SID database, visit SID.ir, create an account, and log in to access scientific resources.

Q: Is downloading articles from SID free?

Some articles on SID are available for free, while others require payment. Details are specified on the article's page.

SAFKHANI M.

مرکز اطلاعات علمی Scientific Information Database (SID) - Trusted Source for Research and Academic Resources

Journal Paper

Paper Information

Journal: JOURNAL OF ELECTRONIC AND CYBER DEFENCE Year:2017 | Volume:5 | Issue:2 (18) Page(s): 59-66

Download Full-Text

Persian Verion

View:

762

Download:

Cites:

Information Journal Paper

Title

Cryptanalysis of the Improved SPRS Protocol: an Authentication Protocol for RFID Systems

Author(s)

SAFKHANI M. | Issue Writer Certificate

Keywords

RFIDQ1

AuthenticationQ1

SPRSQ1

PrivacyQ1

Secret Disclosure AttackQ1

Tag Traceability AttackQ1

Abstract

Authentication protocols are tools used to ensure the identity of the parties in cyberspace. If these protocols are compromised, the cyber security is threatened. These threats are of paramount importance in military applications. Recently, in [1] an authentication protocol, called SPRS has been considered and several attacks such as secret disclosure attack, tag impersonation attack and tag traceability attack have been applied on it. In addition, authors of that paper, presented the improved version of the protocol and claimed the improved protocol, unlike its predecessor, is secure against the attacks applied on the predecessor version and also other active and passive attacks. In this paper, we show that unfortunately, the security claims of authors do not hold and the improved protocol is also vulnerable against secret disclosure attack and tag traceability attack. We offer two versions of the secret disclosure attack which are offline and online versions. The basis of the attacks presented in this paper is that given Y=PRNG(X) and PRNG function is a public function and X and Y are 16 bits, performing an exhaustive search to find X as a pre-image of Y with a maximum of 216 off-line evaluations of PRNG function is possible. The offline version of the attack with the complexity of one run of protocol eavesdropping and doing 233 evaluations of PRNG function can disclose 4 secret values of protocol i. e. Ki, Pi, NT and EPCS which are 16 bits and the online version of the attack with the complexity of two times impersonating the reader and doing 217 evaluations of PRNG function can disclose these 4 secret values of protocol. Given these secret disclosure attacks, the improved protocol is not secure against other active and passive attacks as well. In addition, we propose a tag traceability attack to trace a given tag which does not depend on the length of the output of the PRNG function. Given this attack, an adversary can trace a given tag between any two sessions with the reader.

Multimedia

No record.

Cites

No record.

References

No record.

Cite

APA: Copy

SAFKHANI, M.. (2017). Cryptanalysis of the Improved SPRS Protocol: an Authentication Protocol for RFID Systems. JOURNAL OF ELECTRONIC AND CYBER DEFENCE, 5(2 (18) ), 59-66. SID. https://sid.ir/paper/243082/en

Vancouver: Copy

SAFKHANI M.. Cryptanalysis of the Improved SPRS Protocol: an Authentication Protocol for RFID Systems. JOURNAL OF ELECTRONIC AND CYBER DEFENCE[Internet]. 2017;5(2 (18) ):59-66. Available from: https://sid.ir/paper/243082/en

IEEE: Copy

M. SAFKHANI, “Cryptanalysis of the Improved SPRS Protocol: an Authentication Protocol for RFID Systems,” JOURNAL OF ELECTRONIC AND CYBER DEFENCE, vol. 5, no. 2 (18) , pp. 59–66, 2017, [Online]. Available: https://sid.ir/paper/243082/en

Related Journal Papers