Weaknesses in a new ultralightweight RFID authentication protocol with permutation—RAPP



Tian et al. proposed a novel ultralightweight RFID mutual authentication protocol [1] that has recently been analyzed in several articles. In this letter, we first propose a desynchronization attack that succeeds with probability almost 1, which improves upon the 0.25 given in a previous analysis by Ahmadian et al. We also show that the bad properties of the proposed permutation function can be exploited to disclose several bits of the tag's secret (rather than just 1 bit as previously shown by Avoine et al.), which increases the power of a traceability attack. Finally, we show how to extend the aforementioned attack to run a full disclosure attack, which requires to eavesdrop less protocol runs than the proposed attack by Wang et al. (i.e., 192 < < 2 30). Copyright © 2013 John Wiley & Sons, Ltd.