Tracking and impersonating tags in a CRC-based ultralightweight RFID authentication protocol

Abstract

Design of ultralightweight authentication protocols for RFID systems conformed with the EPC Class-1 Generation-2 standard is still a challenging issue in RFID security. Recently, Maurya et al. proposed a CRC-based authentication protocol and claimed that their protocol resists against all attacks known in RFID systems. However, in this paper, we criticize employment of CRC function as a security primitive for authentication protocols by proposing two serious attacks against Maurya et al.’s protocol. These two effective and low-complexity attacks include a tag impersonation attack and a tag traceability attack. Our attacks use the linearity of the CRC function employed in this protocol. Our analyses show that the success probability of our attacks is “1” while the complexity is only one session eavesdropping, two XORs and one CRC computation. Moreover, we verify correctness of our attacks by simulating them. © 2019, Springer Science+Business Media, LLC, part of Springer Nature.