Vulnerability analysis of two ultra-lightweight RFID authentication protocols: RAPP and gossamer

摘要

The available energy and computational resources needed for privacy and authentication in RFID systems are limited. In recent years, a new track of research investigated the feasibility of using ultra-lightweight protocols that are based on simple operations to provide the required privacy and mutual authentication functionality while meeting the stringent constraints. Several ideas were proposed and evaluated in an informal way by stating the message exchanges without considering the validity of the assumptions nor the correctness of the messages exchanged. Subsequent research efforts showed that most of these protocols were vulnerable to one attack or more. In this paper, we consider two ultra-lightweight mutual authentication protocols that were shown to be vulnerable to the full disclosure and de-synchronization attacks; respectively. The protocols are formally analyzed using GNY logic to explain the incorrect assumptions of the protocols, how these assumption were exploited, and how they could have been avoided.