BROWSE
Detail
Journal Article
Attacks on and Countermeasures for an RFID Mutual Authentication Scheme in Pervasive Computing Environment
Cited 0 time in 
Share 
Share
- Authors
- Abedelaziz Mohaisen, Ku-Young Chang, Dowon Hong
- Issue Date
- 2011-09
- Citation
- KSII Transactions on Internet and Information Systems, v.5, no.9, pp.1684-1697
- ISSN
- 1976-7277
- Publisher
- 한국인터넷정보학회
- Language
- English
- Type
- Journal Article
- Abstract
- We show that two protocols for RFID mutual authentication in pervasive computing environments, recently proposed by Kang et al, are vulnerable to several attacks. First, we show these protocols do not preserve the privacy of users' location. Once a tag is authenticated successfully, we show several scenarios where legitimate or illegitimate readers can trace the location of that tag without any further information about the tag's identifier or initial private key. Second, since the communication between readers and the database takes place over an insecure communication channel and in the plaintext form, we show scenarios where a compromised tag can gain access to confidential information that the tag is not supposed get access to. Finally, we show that these protocols are also vulnerable to the replay and denial-of-service attacks. While some of these attacks are due to simple flaws and can be easily fixed, others are more fundamental and are due to relaxing widely accepted assumptions in the literature. We examine this issue, apply countermeasures, and re-evaluate the protocols overhead after taking these countermeasures into account and compare them to other work in the literature. © 2011 KSII.
- KSP Keywords
- Denial of service attack, Insecure communication channel, Pervasive computing environments, Preserve the privacy, authentication scheme, confidential information, denial of service(DoS), mutual authentication, private Key