Cryptanalysis of a new ultralightweight RFID authentication protocolSASI

Raphael C.W. Phan

doi:10.1109/TDSC.2008.33

Cryptanalysis of a new ultralightweight RFID authentication protocolSASI

Raphael C.W. Phan

Research output: Contribution to journal › Article › Research › peer-review

124 Citations (Scopus)

Abstract

Since RFID tags are ubiquitous and at times even oblivious to the human user, all modern RFID protocols are designed to resist tracking so that the location privacy of the human RFID user is not violated. Another design criterion for RFIDs is the low computational effort required for tags, in view that most tags are passive devices that derive power from an RFID reader's signals. Along this vein, a class of ultralightweight RFID authentication protocols has been designed, which uses only the most basic bitwise and arithmetic operations like exclusive-OR, OR, addition, rotation, and so forth. In this paper, we analyze the security of the SASI protocol, a recently proposed ultralightweight RFID protocol with better claimed security than earlier protocols. We show that SASI does not achieve resistance to tracking, which is one of its design objectives.

Original language	English
Pages (from-to)	316-320
Number of pages	5
Journal	IEEE Transactions on Dependable and Secure Computing
Volume	6
Issue number	4
DOIs	https://doi.org/10.1109/TDSC.2008.33
Publication status	Published - 2009
Externally published	Yes

Keywords

Authentication
Cryptanalysis
Pervasive and embedded computing
RFID
SASI
Terms-Security of cryptographic protocols
Traceability
Ultralightweight

Access to Document

10.1109/TDSC.2008.33

Cite this

@article{71b2085cfe194d6cb57661a1b0cd9f93,

title = "Cryptanalysis of a new ultralightweight RFID authentication protocolSASI",

abstract = "Since RFID tags are ubiquitous and at times even oblivious to the human user, all modern RFID protocols are designed to resist tracking so that the location privacy of the human RFID user is not violated. Another design criterion for RFIDs is the low computational effort required for tags, in view that most tags are passive devices that derive power from an RFID reader's signals. Along this vein, a class of ultralightweight RFID authentication protocols has been designed, which uses only the most basic bitwise and arithmetic operations like exclusive-OR, OR, addition, rotation, and so forth. In this paper, we analyze the security of the SASI protocol, a recently proposed ultralightweight RFID protocol with better claimed security than earlier protocols. We show that SASI does not achieve resistance to tracking, which is one of its design objectives.",

keywords = "Authentication, Cryptanalysis, Pervasive and embedded computing, RFID, SASI, Terms-Security of cryptographic protocols, Traceability, Ultralightweight",

author = "Phan, \{Raphael C.W.\}",

year = "2009",

doi = "10.1109/TDSC.2008.33",

language = "English",

volume = "6",

pages = "316--320",

journal = "IEEE Transactions on Dependable and Secure Computing",

issn = "1545-5971",

publisher = "IEEE, Institute of Electrical and Electronics Engineers",

number = "4",

}

TY - JOUR

T1 - Cryptanalysis of a new ultralightweight RFID authentication protocolSASI

AU - Phan, Raphael C.W.

PY - 2009

Y1 - 2009

N2 - Since RFID tags are ubiquitous and at times even oblivious to the human user, all modern RFID protocols are designed to resist tracking so that the location privacy of the human RFID user is not violated. Another design criterion for RFIDs is the low computational effort required for tags, in view that most tags are passive devices that derive power from an RFID reader's signals. Along this vein, a class of ultralightweight RFID authentication protocols has been designed, which uses only the most basic bitwise and arithmetic operations like exclusive-OR, OR, addition, rotation, and so forth. In this paper, we analyze the security of the SASI protocol, a recently proposed ultralightweight RFID protocol with better claimed security than earlier protocols. We show that SASI does not achieve resistance to tracking, which is one of its design objectives.

AB - Since RFID tags are ubiquitous and at times even oblivious to the human user, all modern RFID protocols are designed to resist tracking so that the location privacy of the human RFID user is not violated. Another design criterion for RFIDs is the low computational effort required for tags, in view that most tags are passive devices that derive power from an RFID reader's signals. Along this vein, a class of ultralightweight RFID authentication protocols has been designed, which uses only the most basic bitwise and arithmetic operations like exclusive-OR, OR, addition, rotation, and so forth. In this paper, we analyze the security of the SASI protocol, a recently proposed ultralightweight RFID protocol with better claimed security than earlier protocols. We show that SASI does not achieve resistance to tracking, which is one of its design objectives.

KW - Authentication

KW - Cryptanalysis

KW - Pervasive and embedded computing

KW - RFID

KW - SASI

KW - Terms-Security of cryptographic protocols

KW - Traceability

KW - Ultralightweight

UR - https://www.scopus.com/pages/publications/70450265312

U2 - 10.1109/TDSC.2008.33

DO - 10.1109/TDSC.2008.33

M3 - Article

AN - SCOPUS:70450265312

SN - 1545-5971

VL - 6

SP - 316

EP - 320

JO - IEEE Transactions on Dependable and Secure Computing

JF - IEEE Transactions on Dependable and Secure Computing

IS - 4

ER -

Cryptanalysis of a new ultralightweight RFID authentication protocolSASI

Abstract

Keywords

Access to Document

Other files and links

Cite this