IACR News item: 22 July 2013
Nasour Bagheri, Masoumeh Safkhani
ePrint Reportdesign a secure yoking-proof protocol. In addition, conforming to those guidelines and
EPC C1 G2, they presented a yoking-proof for low-cost RFID tags, named Kazahaya. However,
in this letter, we scrutinize its security showing how an passive adversary can retrieve secret
parameters of patient\'s tag in cost of O(216) o-line PRNG evaluations. Given the tag\'s secret
parameters, any security claims are ruined. Nevertheless, to show other weaknesses of the
protocol and rule out any possible improvement by increasing the length of the used PRNG,
we presented a forgery attack that shows that a proof generated at time tn can be used to
forge a valid proof for any desired time tj . The success probability of this attack is `1\' and the
complexity is negligible.
Additional news items may be found on the IACR news page.