DagSemProc.09031.3.pdf
- Filesize: 296 kB
- 18 pages
Document
Algebraic Attacks against Linear RFID Authentication Protocols
Authors
-
Part of:
Volume:
Dagstuhl Seminar Proceedings, Volume 9031
Series: Dagstuhl Seminar Proceedings (DagSemProc) - License:
Creative Commons Attribution 4.0 International license
- Publication Date: 2009-03-30
Cite As Get BibTex
Matthias Krause and Dirk Stegemann. Algebraic Attacks against Linear RFID Authentication Protocols. In Symmetric Cryptography. Dagstuhl Seminar Proceedings, Volume 9031, pp. 1-18, Schloss Dagstuhl – Leibniz-Zentrum für Informatik (2009)
https://doi.org/10.4230/DagSemProc.09031.3
Abstract
The limited computational resources available on RFID tags imply a
need for specially designed authentication protocols. The light weight
authentication protocol $extsf{HB}^+$ proposed by Juels and Weis seems currently
secure for several RFID applications, but is too slow for many practical
settings.
As a possible alternative, authentication protocols based on choosing
random elements from $L$ secret linear $n$-dimensional subspaces of
$GF(2)^{n+k}$ (so called linear $(n,k,L)$-protocols), have been considered. We show that to a certain extent, these protocols are vulnerable to algebraic
attacks. Particularly, our approach allows to break Cicho'{n}, Klonowski and Kutyl owski's $ extsf{CKK}^2$-protocol, a special linear
$(n,k,2)$-protocol, for practically recommended parameters in less
than a second on a standard PC. Moreover, we show that
even unrestricted $(n,k,L)$-protocols can be efficiently broken if $L$ is too small.
Subject Classification
Keywords
- RFID Authentication
- HB+
- CKK
- CKK2
Metrics
- Access Statistics
-
Total Accesses (updated on a weekly basis)
0PDF Downloads