This is an outdated version published on 2017-06-25. Read the most recent version.

On the Improper Use of CRC for Cryptographic Purposes in RFID Mutual Authentication Protocols

Authors

  • Eyad S. Taqieddin Jordan University of Science and Technology

DOI:

https://doi.org/10.17762/ijcnis.v9i2.2376

Abstract

Mutual authentication is essential to guarantee the confidentiality, integrity, and availability of an RFID system. One area of interest is the design of lightweight mutual authentication protocols that meet the limited computational and energy resources of the tags. These protocols use simple operations such as permutation and cyclic redundancy code for cryptographic purposes. However, these functions are cryptographically weak and are easily broken. In this work, we present a case against the use of these functions for cryptographic purposes, due to their simplicity and linear properties, by analyzing the LPCP protocol. We evaluate the claims of the LPCP resistance to de-synchronization and full disclosure attacks and show that the protocol is weak and can be easily broken by eavesdropping on a few mutual authentication sessions. ThisĀ  weakness stems from the functions themselves as well as the improper use of inputs to these functions. We further offer suggestions that would help in designing more secure protocols.

Downloads

Published

2017-06-25

Versions

How to Cite

Taqieddin, E. S. (2017). On the Improper Use of CRC for Cryptographic Purposes in RFID Mutual Authentication Protocols. International Journal of Communication Networks and Information Security (IJCNIS), 9(2). https://doi.org/10.17762/ijcnis.v9i2.2376

Issue

Section

Research Articles