TY - GEN
T1 - Passive black-box cryptanalysis of an ultralightweight protocol after eavesdropping one authentication session
AU - Hernandez-Castro, Julio Cesar
AU - Peris-Lopez, Pedro
AU - Tapiador, Juan E.
AU - Phan, Raphael C.W.
AU - Li, Tieyan
N1 - Copyright:
Copyright 2019 Elsevier B.V., All rights reserved.
PY - 2011
Y1 - 2011
N2 - We present a black-box attack that is able to fully recover the secret values shared between entities involved in an authentication protocol. First, we explain how this black-box technique can be successfully applied against the class of protocols commonly known as ultralightweight protocols. Then, the effectiveness of this attack is shown by successfully cryptanalyzing the David-Prasad ultralightweight protocol [1], which is one of the most recent proposals in this research area. We show how we can recover the secret static identifier ID - the most valuable information which the protocol is designed to conceal - after eavesdropping only one protocol session. Our attack compares favorably to previous attacks against this protocol, and constitutes an interesting alternative for the very realistic scenario of attackers having access only to messages exchanged during a single authentication session. We also show how this disclosure attack can be used to mount a very powerful traceability attack that also improves on previous results.
AB - We present a black-box attack that is able to fully recover the secret values shared between entities involved in an authentication protocol. First, we explain how this black-box technique can be successfully applied against the class of protocols commonly known as ultralightweight protocols. Then, the effectiveness of this attack is shown by successfully cryptanalyzing the David-Prasad ultralightweight protocol [1], which is one of the most recent proposals in this research area. We show how we can recover the secret static identifier ID - the most valuable information which the protocol is designed to conceal - after eavesdropping only one protocol session. Our attack compares favorably to previous attacks against this protocol, and constitutes an interesting alternative for the very realistic scenario of attackers having access only to messages exchanged during a single authentication session. We also show how this disclosure attack can be used to mount a very powerful traceability attack that also improves on previous results.
KW - Black-box attack
KW - cryptanalysis
KW - cryptographic protocols
KW - ultralightweight cryptography
UR - http://www.scopus.com/inward/record.url?scp=84865479051&partnerID=8YFLogxK
U2 - 10.3233/978-1-60750-722-2-3
DO - 10.3233/978-1-60750-722-2-3
M3 - Conference Paper
AN - SCOPUS:84865479051
SN - 9781607507215
T3 - Cryptology and Information Security Series
SP - 3
EP - 17
BT - Radio Frequency Identification System Security. RFIDsec'11 Asia Workshop Proceedings
PB - IOS Press
T2 - Workshop on RFID Security 2011
Y2 - 6 April 2011 through 8 April 2011
ER -