Author_Institution :
Dept. of Electron. & Electr. Eng., Loughborough Univ., Loughborough, UK
Abstract :
Since RFID tags are ubiquitous and at times even oblivious to the human user, all modern RFID protocols are designed to resist tracking so that the location privacy of the human RFID user is not violated. Another design criterion for RFIDs is the low computational effort required for tags, in view that most tags are passive devices that derive power from an RFID reader´s signals. Along this vein, a class of ultralightweight RFID authentication protocols has been designed, which uses only the most basic bitwise and arithmetic operations like exclusive-OR, OR, addition, rotation, and so forth. In this paper, we analyze the security of the SASI protocol, a recently proposed ultralightweight RFID protocol with better claimed security than earlier protocols. We show that SASI does not achieve resistance to tracking, which is one of its design objectives.
Keywords :
cryptographic protocols; message authentication; radiofrequency identification; telecommunication security; SASI protocol security; arithmetic operations; cryptanalysis; cryptographic protocols; location privacy; ultralightweight RFID authentication protocol; Authentication; Humans; Pervasive computing; Privacy; Protocols; RFID tags; Radiofrequency identification; Resists; Security; Signal design; Algorithm/protocol design and analysis; Communication/Networking and Information Technolog; Data encryption; Mobile Computing; Network Protocols; Network-level security and protection; Privacy; RFID; SASI.; Security and Privacy Protection; Security of cryptographic protocols; Untraceability; authentication; cryptanalysis; model; pervasive and embedded computing; traceability; ultralightweight;