ISSN : 1796-217X
Volume : 3    Issue : 3    Date : March 2008

Security Analysis on a Family of Ultra-lightweight RFID Authentication Protocols
Tieyan Li, Guilin Wang, and Robert H. Deng
Page(s): 1-10
Full Text:
PDF (492 KB)

In this paper, we analyze the security vulnerabilities of a family of ultra-lightweight RFID mutual
authentication protocols: LMAP, M2AP and EMAP, which are recently proposed by Peris-Lopez et al.
We identify two effective attacks, namely de-synchronization attack and full-disclosure attack, against
their protocols. The former permanently disables the authentication capability of a RFID tag by
destroying synchronization between the tag and the RFID reader. It can be carried out in just single
round of interaction in the authentication protocols. The latter completely compromises a tag by
extracting all the secret information stored in the tag. It is accomplished across several runs of the
protocols. Moreover, we point out the potential countermeasures to improve the security of above

Index Terms
RFID authentication, security and privacy, ultra-lightweight primitives