Security Analysis of a PUF based RFID Authentication Protocol

Abstract: In this paper we consider the security of a PUF based RFID Authentication protocol which has been recently proposed by Bassil et al. The designers have claimed that their protocol offers immunity against a broad range of attacks while it provides excellent performance. However, we prove in contrary to its designers claim that this protocol does not provide any security. We present an efficient secret disclosure attack which retrieves all secret parameters of the protocol. Given those secret parameters, it would be trivial to apply any other attack in the context on the protocol. However, to highlight other weaknesses of the protocol we present extra reader traceability, impersonation and desynchronization attacks that do not require disclosing the secret parameters necessarily. Success probability of all mentioned attacks is almost “1” while the complexity is at most two runs of protocol.

Category : cryptographic protocols / RFID, Authentication, PUF, Traceability Attack, Reader Impersonation Attack, Tag impersonation Attack, Desynchronization Attack

Download this Papers