posted on 2009-12-16, 11:19authored byRaphael C.-W. Phan
Since RFID tags are ubiquitous and at times even oblivious to the
human user, all modern RFID protocols are designed to resist tracking so that the
location privacy of the human RFID user is not violated. Another design criterion
for RFIDs is the low computational effort required for tags, in view that most tags
are passive devices that derive power from an RFID reader’s signals. Along this
vein, a class of ultralightweight RFID authentication protocols has been designed,
which uses only the most basic bitwise and arithmetic operations like exclusive-
OR, OR, addition, rotation, and so forth. In this paper, we analyze the security of
the SASI protocol, a recently proposed ultralightweight RFID protocol with better
claimed security than earlier protocols. We show that SASI does not achieve
resistance to tracking, which is one of its design objectives.
History
School
Mechanical, Electrical and Manufacturing Engineering
Citation
PHAN, R.C.-W., 2009. Cryptanalysis of a new ultralightweight RFID authentication protocol—SASI. IEEE Transactions on Dependable and Secure Computing, 6(4), pp. 316-320