International Association for Cryptologic Research

International Association
for Cryptologic Research

IACR News item: 30 June 2015

Nasour Bagheri, Masoumeh Safkhani, Hoda Jannati
ePrint Report ePrint Report
Over the past decade, besides authentication, ownership

management protocols have been suggested to transfer or

delegate the ownership of RFID tagged items. Recently, Niu et

al. have proposed an authentication and ownership management

protocol based on 16-bit pseudo random number generators and

exclusive-or operations which both can be easily implemented on

low-cost RFID passive tags in EPC global Class-1 Generation-2

standard. They claim that their protocol offers location and data

privacy and also resists against desynchronization attack. In this

paper, we analyze the security of their proposed authentication

and ownership management protocol and show that the protocol

is vulnerable to secret disclosure and desynchronization attacks.

The complexity of most of the attacks are only two runs of the

protocol and the success probability of the attacks are almost 1.

Expand

Additional news items may be found on the IACR news page.