Authors:
Masoumeh Safkhani, Shahid Rajaee Teacher Training University, Tehran; Amir Abbasian, Shahid Rajaee Teacher Training University, Tehran
Keywords:
RFID , EPC-C1 G2 , bit PRNG Function , Authentication , Secret Disclosure Attack
Abstract (English):
These days, many researchers work on designing RFID EPC-C1 G2 authentication protocols that use 16-bit PRNGs. However, because the short input/output length of such PRNG functions makes it feasible to convert them, most of these protocols are vulnerable to full secret disclosure attacks. Recently, Moradi et al. [1] analyzed an EPC-C1 G2 authentication protocol named SRP+ and presented a revised version of the SRP+ protocol. In this paper, we show that, unfortunately, the revised version of the SRP+ protocol, like its predecessor, the SRP+ protocol, is still vulnerable to a full secret disclosure attack. In the presented attack, the adversary discloses all secrets of the protocol only by eavesdropping on one run of the protocol, impersonating the reader in one run of the protocol and doing only 3 × 2^16 off-line PRNG function evaluations