%0 Journal Article %T Security Flows and Improvement of a Recent Ultra Light-Weight RFID Protocol %A Mehrdad Kianersi %A Mahmoud Gardeshi %J International Journal of UbiComp %D 2011 %I Academy & Industry Research Collaboration Center (AIRCC) %X In this paper, we analyze the security vulnerabilities of SSL-MAP, an ultra-lightweight RFID mutual authentication protocol recently proposed by Rama N, Suganya R. We present two effective attacks, a desynchronization attack and a full-disclosure attack, against this protocol. The former permanently disables the authentication capability of a RFID tag by destroying synchronization between the tag and the RFIDreader. The latter completely threats a tag by extracting all the secret information that are stored in the tag. The de-synchronization attack can be carried out in three round of interaction in SSL-MAP while the full-disclosure attack is accomplished across several runs of SSL-MAP. We also discuss ways to counterthe attacks. %K RFID %K Mutual authentication %K Low-cost RFID Tag %K SSL-MAP %U http://airccse.org/journal/iju/papers/2411iju03.pdf