Issue No. 04 - October-December (2009 vol. 6)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2008.33
Raphael C.-W. Phan , Loughborough University, Loughborough
Since RFID tags are ubiquitous and at times even oblivious to the human user, all modern RFID protocols are designed to resist tracking so that the location privacy of the human RFID user is not violated. Another design criterion for RFIDs is the low computational effort required for tags, in view that most tags are passive devices that derive power from an RFID reader's signals. Along this vein, a class of ultralightweight RFID authentication protocols has been designed, which uses only the most basic bitwise and arithmetic operations like exclusive-OR, OR, addition, rotation, and so forth. In this paper, we analyze the security of the SASI protocol, a recently proposed ultralightweight RFID protocol with better claimed security than earlier protocols. We show that SASI does not achieve resistance to tracking, which is one of its design objectives.
Security of cryptographic protocols, pervasive and embedded computing, RFID, authentication, ultralightweight, cryptanalysis, traceability, SASI.
R. C. Phan, "Cryptanalysis of a New Ultralightweight RFID Authentication Protocol—SASI," in IEEE Transactions on Dependable and Secure Computing, vol. 6, no. , pp. 316-320, 2008.