Cryptanalysis of the SASI Ultralightweight RFID Authentication Protocol with Modular Rotations

In this work we present the first passive attack over the SASI lightweight authentication protocol with modular rotations. This can be used to fully recover the secret ID of the RFID tag, which is the value the protocol is designed to conceal. The attack is described initially for recovering ⌊log2(96)⌋ = 6 bits of the secret value ID, a result that by itself allows to mount traceability attacks on any given tag. However, the proposed scheme can be extended to obtain any amount of bits of the secret ID, provided a sufficiently large number of successful consecutive sessions are eavesdropped. We also present results on the attack’s efficiency, and some ideas to secure this version of the SASI protocol.

• Publication year

  2008

• Venue

  arXiv.org

• Publication date

  2008-11-26

• Fields of study

  Computer Science

• Identifiers
  arXiv 0811.4257
• External record

  Open on Semantic Scholar

• Source metadata

  Semantic Scholar

• No claims are published for this paper.

• No concepts are published for this paper.

• Security Analysis of the SASI Protocol

  2009cited by this paper
• From Weaknesses to Secret Disclosure in a Recent Ultra-Lightweight RFID Authentication Protocol

  2008cited by this paper
• Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols

  2007cited by this paper
• Breaking LMAP

  2007cited by this paper
• Passive Attack Against the M 2 AP Mutual Authentication Protocol for RFID Tags ∗

  2007cited by this paper
• SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity

  2007influential reference
• Security of ultra-lightweight RFID authentication protocols and its improvements

  2007cited by this paper
• LMAP : A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags

  2006cited by this paper
• M2AP: A Minimalist Mutual-Authentication Protocol for Low-Cost RFID Tags

  2006influential reference
• EMAP: An Efficient Mutual-Authentication Protocol for Low-Cost RFID Tags

  2006influential reference
• New Applications of T-Functions in Block Ciphers and Hash Functions

  2005cited by this paper

• Ultra-Lightweight Mutual Authentication Protocol to Prevent Replay Attacks for Low-Cost RFID Tags

  2024cites this paper
• An Enhanced Ultra-Lightweight Mutual Authentication Protocol for RFID: Securing Against Vulnerabilities with Optimized Performance

  2024cites this paper
• MDS Code Based Ultralightweight Authentication Protocol for RFID System

  2023cites this paper
• Gossamer: weaknesses and performance

  2022cites this paper
• Security and privacy issues in smart cities/industries: technologies, applications, and challenges

  2022cites this paper
• MUMAP: Modified Ultralightweight Mutual Authentication protocol for RFID enabled IoT networks

  2021cites this paper
• Ultralightweight RFID Authentication Protocols for Low-Cost Passive RFID Tags

  2019cites this paper
• Advance Strong Authentication Strong Integrity (ASASI) Protocol for Low Cost Radio Frequency Identification

  2018cites this paper
• On the Security of Rotation Operation Based Ultra-Lightweight Authentication Protocols for RFID Systems

  2018cites this paper
• Implementation of secret disclosure attack against two IoT lightweight authentication protocols

  2018cites this paper
• Ultralightweight Cryptography - Some Thoughts on Ten Years of Efforts

  2018cites this paper
• Innovative Security Solutions for Information Technology and Communications

  2018cites this paper
• Cryptanalysis of ultralightweight mutual authentication protocol for radio frequency identification enabled Internet of Things networks

  2018influential citation
• Cryptanalysis of a novel ultra-lightweight mutual authentication protocol for IoT devices using RFID tags

  2017cites this paper
• Security and Vulnerability in the Internet of Things

  2017cites this paper
• IoT Node Authentication

  2017cites this paper
• Security Requirements in IoT Architecture

  2017cites this paper
• Review of different classes of RFID authentication protocols

  2017cites this paper
• A New Ultralightweight RFID Authentication Protocol for Passive Low Cost Tags: KMAP

  2016cites this paper
• Probabilistic Recursive Cryptanalysis of Ultralightweight Mutual Authentication Protocols for Passive RFID Systems

  2016cites this paper
• Cryptanalysis of Two Recent RFID Authentication Protocols

  2016cites this paper
• An Internet-of-Things Initiative for One Belt One Road (OBOR)

  2016cites this paper
• Pitfalls in Ultralightweight Authentication Protocol Designs

  2016cites this paper
• SURV: Shelled Ultralightweight Randomized Value Authentication Protocol for Low-Cost RFID Tags

  2015cites this paper
• Mersenne twister-based RFID authentication protocol

  2015cites this paper
• Addressing security and privacy issues in low-cost RFID systems

  2015cites this paper
• A genetic tango attack against the David–Prasad RFID ultra‐lightweight authentication protocol

  2014cites this paper
• Ultralightweight Cryptography for passive RFID systems

  2014cites this paper
• A Lightweight Authentication Protocol for Secure Communications between Resource-Limited Devices and Wireless Sensor Networks

  2014cites this paper
• A New Ultralightweight RFID Protocol for Low-Cost Tags: R$$^{2}$$2AP

  2014cites this paper
• Another Improvement of RAPP: An Ultra-lightweight Authentication Protocol for RFID

  2014cites this paper
• Cryptanalysis of the Cho et al. protocol: A hash-based RFID tag mutual authentication protocol

  2014cites this paper
• Ultra-lightweight Mutual Authentication Protocols: Weaknesses and Countermeasures

  2013cites this paper
• Another Improvement of LMAP++: An RFID Authentication Protocol

  2013cites this paper
• Recursive Linear and Differential Cryptanalysis of Ultralightweight Authentication Protocols

  2013cites this paper
• A One Round-Trip Ultralightweight Security Protocol for Low-Cost RFID Tags

  2013cites this paper
• Privacy in RFID and mobile objects

  2013cites this paper
• Identification and Authentication for RFID Systems

  2013cites this paper
• Efficient Passive Full-disclosure Attack on RFID Light-weight Authentication Protocols LMAP++ and SUAP

  2012cites this paper
• Lightweight Cryptography for Passive RFID Tags

  2012cites this paper
• NEW FINDINGS ON RFID AUTHENTICATION SCHEMES AGAINST DE-SYNCHRONIZATION ATTACK

  2012influential citation
• Privacy-friendly synchronized ultralightweight authentication protocols in the storm

  2012cites this paper
• SULMA: A Secure Ultra Light-Weight Mutual Authentication Protocol for Lowcost RFID Tags

  2011cites this paper
• Security analysis of LMAP++, an RFID authentication protocol

  2011cites this paper
• Cryptanalysis of Cho et al.'s Protocol, A Hash-Based Mutual Authentication Protocol for RFID Systems

  2011cites this paper
• Light-Weight Authentication Schemes with Applications to RFID Systems

  2011cites this paper
• Mutual Authentication Protocol for Networked RFID Systems

  2011cites this paper
• Security Analysis of a PUF based RFID Authentication Protocol

  2011cites this paper
• 7 Technologies, Applications, and Governance in the Internet of Things

  2011cites this paper
• On Ultralightweight RFID Authentication Protocols

  2011cites this paper
• Strong Authentication and Strong Integrity (SASI) Is Not That Strong

  2010influential citation
• Cryptanalysis of the Fast Lightweight Mutual Authentication Protocol

  2010cites this paper
• Lightweight Cryptography and Authentication Protocols for Secure Communications between Resource-Limited Devices and Wireless Sensor Networks: Evaluation and Implementation

  2010cites this paper
• Improvement of Two Lightweight RFID Authenti- cation Protocols

  2010cites this paper
• Cryptanalysis of AFMAP

  2010cites this paper
• Quasi-Linear Cryptanalysis of a Secure RFID Ultralightweight Authentication Protocol

  2010cites this paper
• Security Analysis of Ultra-lightweight Cryptographic Protocol for Low-cost RFID Tags: Gossamer Protocol

  2009cites this paper
• A Lightweight Authentication Protocol using Integer Arithmetic for low-cost RFID tags

  2009cites this paper
• Advances in Ultralightweight Cryptography for Low-Cost RFID Tags: Gossamer Protocol

  2009cites this paper
• Security Flaws in a Recent Ultralightweight RFID Protocol

  2009cites this paper
• An Efficient and Secure Protocol for Low-cost RFID Systems

  2009cites this paper