Radio frequency identification (RFID) is a powerful technology that enables wireless information storage and control in an economical way. These properties have generated a wide range of applications in different areas. Due to economic and technological constrains, RFID devices are seriously limited, having small or even tiny computational capabilities. This issue is particularly challenging from the security point of view. Security protocols in RFID environments have to deal with strong computational limitations, and classical protocols cannot be used in this context. There have been several attempts to overcome these limitations in the form of new lightweight security protocols designed to be used in very constrained (sometimes called ultra-lightweight) RFID environments. One of these proposals is the David–Prasad ultra-lightweight authentication protocol. This protocol was successfully attacked using a cryptanalysis technique named Tango attack. The capacity of the attack depends on a set of boolean approximations. In this paper, we present an enhanced version of the Tango attack, named Genetic Tango attack, that uses Genetic Programming to design those approximations, easing the generation of automatic cryptanalysis and improving its power compared to a manually designed attack. Experimental results are given to illustrate the effectiveness of this new attack.

References

Altenberg, L. (1994) The Evolution of Evolvability in Genetic Programming. Cambridge, MA: MIT Press, 47–74.
Google Scholar
Báráz, M., B. Boros, P. Ligeti K. Lója and D. Nagy (2007a) Breaking LMAP, in Proceedings of RFIDSec'07.
Google Scholar
Báráz, M., B. Boros, P. Ligeti, K. Lója and D. Nagy (2007b) Passive attack agains the M2AP mutual authentication protocol for RFID tags, in Proceedings of First International EURASIP Workshop on RFID Technology.
Google Scholar
Brown, D. (2007) RFID Implementation, 1st edn, New York, NY: McGraw-Hill, Inc.
Google Scholar
Cao, T., E. Bertino and H. Lei (2009) Security analysis of the sasi protocol. IEEE Transactions on Dependable and Secure Computing, 6, 73–77.
10.1109/TDSC.2008.32
Web of Science® Google Scholar
Castro, J.C.H., J.M. Estévez-Tapiador, P. Peris-López, T. Li and J.J. Quisquater (2009) Cryptanalysis of the SASI ultralightweight RFID authentication protocol with modular rotations, in International Workshop on Coding and Cryptography. Lofthus, Norway, 286–296.
Google Scholar
Chien, H.Y. (2006) Secure access control schemes for RFID systems with anonymity, in Proceedings of the 7th International Conference on Mobile Data Management, Washington, DC: IEEE Computer Society, 96–99.
Google Scholar
Chien, H.Y. (2007) SASI: a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity, IEEE Transactions on Dependable and Secure Computing, 4, 337–340.
10.1109/TDSC.2007.70226
Web of Science® Google Scholar
Chien, H.Y. and C.W. Huang (2007) Security of ultra-lightweight RFID authentication protocols and its improvements, SIGOPS Operating Systems Review, 41, 83–86.
10.1145/1278901.1278916
Google Scholar
Cole, P.H. and D.C. Ranasinghe (2008) Networked RFID Systems and Lightweight Cryptography: Raising Barriers to Product Counterfeiting, 1st edn, Berlin, Heidelberg: Springer-Verlag.
10.1007/978-3-540-71641-9
Google Scholar
Daida, J.M., H. Li, R. Tang and A.M. Hilss (2003) What makes a problem GP-hard? Validating a hypothesis of structural causes, in Proceedings of the 2003 International Conference on Genetic and Evolutionary Computation: Part II, Berlin, Heidelberg: Springer-Verlag, 1665–1677.
Google Scholar
D'Arco, P. and A. De Santis (2008) Weaknesses in a recent ultra-lightweight rfid authentication protocol, in Proceedings of the Cryptology in Africa 1st international conference on Progress in cryptology, Berlin, Heidelberg: Springer-Verlag, 27–39.
Google Scholar
David, M. and N.R. Prasad (2010) Providing string security and high privacy in low-cost RFID networks, in Proceedings of Security and Privacy in Mobile Information and Communication Systems, Berlin, Heidelberg: Springer-Verlag, 172–179.
Google Scholar
Eiben, A.E. and J.E. Smith (2009). Introduction to Evolutionary Computing. Natural Computing, Berlin, Heidelberg: Springer-Verlag.
Google Scholar
Hamming, R.W. (1986) Coding and information theory, 2ndedn, Upper Saddle River, NJ: Prentice-Hall, Inc.
Google Scholar
Hernández-Castro, J.C., P. Peris-López, R.C.W. Phan and J.M.E. Tapiador (2010) Cryptanalysis of the David-Prasad RFID ultralightweight authentication protocol, in Proceedings of the 6th international conference on Radio frequency identification: security and privacy issues, Berlin, Heidelberg: Springer-Verlag, 22–34.
Google Scholar
Koza, J. (1992) Genetic Programming: On the programming of Computers by Means of Natural Selection. Cambrige, MA: MIT Press.
Google Scholar
Koza, J. (2010) Human-competitive results produced by genetic programming. Genetic Programming and Evolvable Machines, 11, 251–284.
10.1007/s10710-010-9112-3
Web of Science® Google Scholar
Landt, J. (2005). The history of RFID, Potentials, IEEE, 24, 8–11.
10.1109/MP.2005.1549751
Google Scholar
Li, T. and G. Wang (2007) Security analysis of two ultra-lightweight RFID authentication protocols, in Proceedings of IFIP SEC 2007, Sandton, Gauteng, South Africa 14–16.
Google Scholar
Luke, S. and L. Panait (2002) Lexicographic parsimony pressure, in Proceedings of GECCO-2002, New York, NY, San Francisco, CA: Morgan Kaufmann Publishers, 829–836.
Google Scholar
Luke, S. and L. Panait (2006) A comparison of bloat control methods for genetic programming, Evolution Computing, 14, 309–344.
10.1162/evco.2006.14.3.309
PubMed Web of Science® Google Scholar
Oh, R. and J. Park (2008) A development of active monitoring system for intelligent rfid logistics processing environment, in Proceedings of the 2008 International Conference on Advanced Language Processing and Web Information Technology, Washington, DC: IEEE Computer Society, 358–361.
Google Scholar
Peris-López, P., J.C. Hernández, J.M. Estévez-tapiador and A. Ribagorda (2006a) M 2 AP: a minimalist mutual-authentication protocol for low-cost RFID tags, in Proceedings of International Conference on Ubiquitous Intelligence and Computing UIC06, LNCS 4159, Berlin, Heidelberg: Springer-Verlag, 912–923.
Google Scholar
Peris-López, P., J.C. Hernández, J.M.E. Tapiador and A. Ribagorda (2006b) LMAP: a real lightweight mutual authentication protocol for low-cost RFID tags, in Proceeding of second Workshop on RFID Security, Ecrypt.
Google Scholar
Peris-López, P., J.C. Hernández-Castro, R.C.W. Phan, J.M.E. Tapiador and T. Li (2010) Quasi-linear cryptanalysis of a secure RFID ultralightweight authentication protocol, in 6th China International Conference on Information Security and Cryptology. Shanghai, China, Berlin, Heidelberg: Springer-Verlag, 427–442.
Google Scholar
Peris-López, P., J.C. Hernández-Castro, J.M. Tapiador and A. Ribagorda (2009) Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol, in Information Security Applications, Berlin, Heidelberg: Springer-Verlag, 56–68.
10.1007/978-3-642-00306-6_5
Google Scholar
Phan, R. (2009) Cryptanalysis of a new ultralightweight rfid authentication protocolsasi, IEEE Transactions on Dependable and Secure Computing, 6, 316–320.
10.1109/TDSC.2008.33
Web of Science® Google Scholar
R-Moreno, M.D., B. Castaño, M. Carbajo, Á. Moreno, D.F. Barrero and P. Muñoz (2011) Multi-agent intelligent planning architecture for people location and orientation using RFID, Cybernetics and Systems, 42, 16–32.
10.1080/01969722.2011.532640
Web of Science® Google Scholar
Tsai, H.C. (2011) Using weighted genetic programming to program squat wall strengths and tune associated formulas. Engineering Applications of Artificial Intelligence, 24, 526–533.
10.1016/j.engappai.2010.08.010
Web of Science® Google Scholar
Yeh, K.H. and N. Lo (2010) Improvement of two lightweight RFID authentication protocols. Information Assurance and Security Letters – IASL, 1, 6–11.
Google Scholar
Yeh, K.H., N. Lo and E. Winata (2010) An efficient ultralightweight authentication protocol for RFID systems, in Workshop on RFID Security – RFIDSec Asia'10, Singapore, Republic of Singapore: IOS Press, 49–60.
Google Scholar

Citing Literature

Volume31, Issue1

February 2014

Pages 9-19

A genetic tango attack against the David–Prasad RFID ultra-lightweight authentication protocol

Abstract

References

Citing Literature

References

Information

About Wiley Online Library

Help & Support

Opportunities

Connect with Wiley

A genetic tango attack against the David–Prasad RFID ultra-lightweight authentication protocol

Abstract

References

Citing Literature

References

Related

Information