%0 Journal Article
%T Security Flows and Improvement of a Recent Ultra Light-Weight RFID Protocol
%A Mehrdad Kianersi
%A Mahmoud Gardeshi
%J International Journal of UbiComp
%D 2011
%I Academy & Industry Research Collaboration Center (AIRCC)
%X In this paper, we analyze the security vulnerabilities of SSL-MAP, an ultra-lightweight RFID mutual authentication protocol recently proposed by Rama N, Suganya R. We present two effective attacks, a desynchronization attack and a full-disclosure attack, against this protocol. The former permanently disables the authentication capability of a RFID tag by destroying synchronization between the tag and the RFIDreader. The latter completely threats a tag by extracting all the secret information that are stored in the tag. The de-synchronization attack can be carried out in three round of interaction in SSL-MAP while the full-disclosure attack is accomplished across several runs of SSL-MAP. We also discuss ways to counterthe attacks.
%K RFID
%K Mutual authentication
%K Low-cost RFID Tag
%K SSL-MAP
%U http://airccse.org/journal/iju/papers/2411iju03.pdf