Security of Grouping-Proof Authentication Protocol for Distributed RFID Systems

Liu et al. proposed a grouping-proof authentication protocol (GUPA) for distributed radio frequency identification systems. At the same time, Liu et al. claimed that GUPA can resist the well-known attacks such as replay, forgery, tracking, and denial of proof. However, we report that, according to L...

Full description

Saved in:
Bibliographic Details
Published inIEEE wireless communications letters Vol. 7; no. 2; pp. 254 - 257
Main Authors Sun, Da-Zhi, Mu, Yi
Format Journal Article
LanguageEnglish
Published IEEE 01.04.2018
Subjects
Authentication
grouping-proof
Network security
Radiofrequency identification
RFID
security analysis
Online AccessGet full text

Cover

More Information
Summary:Liu et al. proposed a grouping-proof authentication protocol (GUPA) for distributed radio frequency identification systems. At the same time, Liu et al. claimed that GUPA can resist the well-known attacks such as replay, forgery, tracking, and denial of proof. However, we report that, according to Liu et al.'s assumption of the attack ability, the attacker is able to compromise all secrets by the man-in-the-middle (MIM) attacks. Although the MIM attacks were not explicitly evaluated by GUPA, the attacker can easily launch replay, forgery, tracking, and denial of proof when he knows all secrets of GUPA. That is, the lethal security flaws exist in GUPA. We also suggest employing the cryptographic hash function to protect the secrets in GUPA. Our security analysis of GUPA will be beneficial to the design of the robust grouping-proof authentication protocols in the future.
ISSN:2162-2337
2162-2345
DOI:10.1109/LWC.2017.2770123