At Eurocrypt 2011, Kiltz et al. presented two efficient authentication protocols for resource-constrained devices such as radio-frequency identification tags. Kiltz et al. proved that their protocols were provably secure against active attackers. However, they did not refer to the security against man-in-the-middle (MIM) attackers. In this paper, we analyze the security of the protocols against the MIM attacks and reveal the vulnerabilities. More concretely, we propose MIM attacks on them and evaluate authentication rounds required in these attacks precisely. We assume that the tag and reader share a 2l-bit secret key. The expected number of authentication rounds to recover the secret information in the first and second protocol is at most 2l+2 and 4l+4, respectively. These attacks do not contradict the proof of security since the MIM attack is located outside the attack model that Kiltz et al. considered.
Kosei ENDO
The University of Tokyo
Noboru KUNIHIRO
The University of Tokyo
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Kosei ENDO, Noboru KUNIHIRO, "Security Analysis on AUTH Protocol and Its Variant against the Man-in-the-Middle Attack" in IEICE TRANSACTIONS on Fundamentals,
vol. E98-A, no. 1, pp. 153-161, January 2015, doi: 10.1587/transfun.E98.A.153.
Abstract: At Eurocrypt 2011, Kiltz et al. presented two efficient authentication protocols for resource-constrained devices such as radio-frequency identification tags. Kiltz et al. proved that their protocols were provably secure against active attackers. However, they did not refer to the security against man-in-the-middle (MIM) attackers. In this paper, we analyze the security of the protocols against the MIM attacks and reveal the vulnerabilities. More concretely, we propose MIM attacks on them and evaluate authentication rounds required in these attacks precisely. We assume that the tag and reader share a 2l-bit secret key. The expected number of authentication rounds to recover the secret information in the first and second protocol is at most 2l+2 and 4l+4, respectively. These attacks do not contradict the proof of security since the MIM attack is located outside the attack model that Kiltz et al. considered.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E98.A.153/_p
Copy
@ARTICLE{e98-a_1_153,
author={Kosei ENDO, Noboru KUNIHIRO, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Security Analysis on AUTH Protocol and Its Variant against the Man-in-the-Middle Attack},
year={2015},
volume={E98-A},
number={1},
pages={153-161},
abstract={At Eurocrypt 2011, Kiltz et al. presented two efficient authentication protocols for resource-constrained devices such as radio-frequency identification tags. Kiltz et al. proved that their protocols were provably secure against active attackers. However, they did not refer to the security against man-in-the-middle (MIM) attackers. In this paper, we analyze the security of the protocols against the MIM attacks and reveal the vulnerabilities. More concretely, we propose MIM attacks on them and evaluate authentication rounds required in these attacks precisely. We assume that the tag and reader share a 2l-bit secret key. The expected number of authentication rounds to recover the secret information in the first and second protocol is at most 2l+2 and 4l+4, respectively. These attacks do not contradict the proof of security since the MIM attack is located outside the attack model that Kiltz et al. considered.},
keywords={},
doi={10.1587/transfun.E98.A.153},
ISSN={1745-1337},
month={January},}
Copy
TY - JOUR
TI - Security Analysis on AUTH Protocol and Its Variant against the Man-in-the-Middle Attack
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 153
EP - 161
AU - Kosei ENDO
AU - Noboru KUNIHIRO
PY - 2015
DO - 10.1587/transfun.E98.A.153
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E98-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2015
AB - At Eurocrypt 2011, Kiltz et al. presented two efficient authentication protocols for resource-constrained devices such as radio-frequency identification tags. Kiltz et al. proved that their protocols were provably secure against active attackers. However, they did not refer to the security against man-in-the-middle (MIM) attackers. In this paper, we analyze the security of the protocols against the MIM attacks and reveal the vulnerabilities. More concretely, we propose MIM attacks on them and evaluate authentication rounds required in these attacks precisely. We assume that the tag and reader share a 2l-bit secret key. The expected number of authentication rounds to recover the secret information in the first and second protocol is at most 2l+2 and 4l+4, respectively. These attacks do not contradict the proof of security since the MIM attack is located outside the attack model that Kiltz et al. considered.
ER -