Breaking EMAP

Bárász, Mihály; Boros, Balázs; Ligeti, Péter; Lója, Krisztina; Nagy, Dániel

doi:10.1109/seccom.2007.4550374

Cited by 29 publications

(17 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Vulnerable designs appeared in recent literature, such as the lightweight authentication protocols presented by Vajda and Buttyán in [68] (whose vulnerabilities were recently reported by Defend, Fu, and Juels in [15]), the set of ultra-lightweight authentication techniques presented by Peris-Lopez et al in [54][55][56] (which were reported as vulnerable to passive [3] and active [44] attacks), and enhancements of these proposals, like the SASI protocol [11] (recently reported by Cao, Bertino, and Lei in [9] as vulnerable), show how challenging it is to design adequate procedures given the constraints. We surveyed lightweight defenses that can be useful to reduce the risk of threats.…”

Section: Discussionmentioning

confidence: 99%

Security Threat Mitigation Trends in Low-Cost RFID Systems

García-Alfaro

Barbeau

Kranakis

2010

Data Privacy Management and Autonomous Spontaneous Security

View full text Add to dashboard Cite

Abstract. The design and implementation of security threat mitigation mechanisms in RFID systems, specially in low-cost RFID tags, are gaining great attention in both industry and academia. One main focus of research interests is the authentication and privacy techniques to prevent attacks targeting the insecure wireless channel of these systems. Cryptography is a key tool to address these threats. Nevertheless, strong hardware constraints, such as production costs, power consumption, time of response, and regulations compliance, makes the use of traditional cryptography in these systems a very challenging problem. The use of low-overhead procedures becomes the main approach to solve these challenging problems where traditional cryptography cannot fit. Recent results and trends, with an emphasis on lightweight techniques for addressing critical threats against low-cost RFID systems, are surveyed.

show abstract

Section: Discussionmentioning

confidence: 99%

Security Threat Mitigation Trends in Low-Cost RFID Systems

García-Alfaro

Barbeau

Kranakis

2010

Data Privacy Management and Autonomous Spontaneous Security

View full text Add to dashboard Cite

show abstract

“…The first ultra-lightweight protocols, the minimalist mutualauthentication protocol, lightweight mutual authentication protocol (LMAP), and efficient mutual authentication protocol, announced by Peris et al [16][17][18], were named collectively as the ultra-lightweight mutual authentication protocol (UMAP) for short, and utilized only triangular functions (∨ , ∧ , ⊕) and addition. The UMAP protocols are shown in Table 1 because they have drawn a lot of attention [19][20][21][22][23][24]. Afterwards, Chien et al pointed out the numerous attacks on the UMAP and suggested the inclusion of the rotation operation in their ultra-lightweight protocol, strong authentication and strong integrity (SASI) [5].…”

Section: Related Work In the Ultra-lightweight Categorymentioning

confidence: 99%

“…The weaknesses of protocols based on triangular functions are outlined in [9,[22][23][24]. Barasz et al pinpointed the weakness of least significant bits (LSBs) in triangular bitwise operations and the misusage of OR and AND functions in some messages, which lead to exposure of the ID [22,23].…”

Section: Weaknesses Of Triangular Function-based Protocolsmentioning

confidence: 99%

“…Barasz et al pinpointed the weakness of least significant bits (LSBs) in triangular bitwise operations and the misusage of OR and AND functions in some messages, which lead to exposure of the ID [22,23]. The authors in [20] launched a full disclosure attack by exploiting the algebraic weakness in the messages.…”

Section: Weaknesses Of Triangular Function-based Protocolsmentioning

confidence: 99%

“…Following the attack, the shared secrets were also exposed, by hopping from one message to another. In their security analyses, Lopez et al [9] explained the weak diffusion properties of the OR and AND operations, listed the attacks made on the UMAP [19][20][21][22][23][24], and concluded that due to its capacity, ultra-lightweight tags cannot resist active attacks. In addition, a new protocol was proposed to resist the known passive attacks.…”

Section: Weaknesses Of Triangular Function-based Protocolsmentioning

confidence: 99%

See 2 more Smart Citations

Mersenne twister-based RFID authentication protocol

Özcanhan¹,

Dalkılıç²

2015

Turk J Elec Eng & Comp Sci

View full text Add to dashboard Cite

Abstract:This work presents an ultra-lightweight, cryptographic, mutual authentication protocol for radio-frequency identification (RFID) tags. The proposed scheme is more secure than its predecessors. The vulnerabilities of previous schemes based on triangular functions and rotation have been demonstrated in traditional and rotational cryptanalysis.In this paper, we summarize the successful attacks on previous schemes and demonstrate further attacks on 3 recent ultra-lightweight protocols. Next, we present a proposal that resists all of the known passive attacks. The proposal obeys the properties and rules of addition-rotation-XOR with constants systems. The proposed scheme inserts parts of advanced encryption standard S-boxes into the temperings of the Mersenne twister, which is used as a deterministic random number generator. The proposal is supported by extensive performance and security analysis. Apart from previous work, our scheme is compared and contrasted against the results of some popular hashing and encryption algorithms, recommended for RFID tags.

show abstract

How to protect security and privacy in the IoT: a policy‐based RFID tag management protocol

Rekleitis

Rizomiliotis

Gritzalis

2011

Security Comm Networks

View full text Add to dashboard Cite

Radio‐frequency identification (RFID) technology constitutes an important part of what has become known as the Internet of Things (IoT) that is accessible and interconnected machines and everyday objects that form a dynamic and complex environment. To secure the IoT in a cost‐efficient manner, we need to build security and privacy into the design of its components. Moreover, mechanisms should be constructed that will allow both individuals and organizations to actively manage their “things” and information in a highly flux environment. The contributions of this paper are twofold: We first discuss the use of security and privacy policies that can offer fine granularity and context‐aware information control in RFID systems. Second, we propose a novel secure and privacy‐preserving tag management protocol that can support such policies. Our protocol has a modular design that allows it to support a set of desirable management operations (viz. tag authentication, delegation, and ownership transfer) while imposing minimal hardware and computational requirements on the tag side. Furthermore, inspired by the European Network and Information Security Agency's Flying 2.0 study, we describe a near‐future air travel scenario to further explain and demonstrate the inner workings of our proposal. Copyright © 2011 John Wiley & Sons, Ltd.

show abstract

Breaking EMAP

Cited by 29 publications

References 2 publications

Security Threat Mitigation Trends in Low-Cost RFID Systems

Security Threat Mitigation Trends in Low-Cost RFID Systems

Mersenne twister-based RFID authentication protocol

How to protect security and privacy in the IoT: a policy‐based RFID tag management protocol

Contact Info

Product

Resources

About