Unbalanced states violates RFID privacy

• Published in: Journal of intelligent manufacturing Vol. 25; no. 2; pp. 273 - 281
• Main Authors: Erguler, Imran, Anarim, Emin, Saldamli, Gokay
• Format: Journal Article
• Language: English
• Published: Boston Springer US 01.04.2014; Springer Nature B.V
• Subjects: Authentication; Authentication protocols; Business and Management; Communities; Control; Machines; Manufacturing; Mechatronics; Preserves; Privacy; Processes; Production; Proposals; Radio frequency; Radio frequency identification; Robotics; Searching; Studies; Wireless networks; Untraceability; Side-channel attacks; RFID authentication protocols
• ISSN: 0956-5515; 1572-8145
• DOI: 10.1007/s10845-012-0655-4

Designing privacy preserving authentication protocols for massively deployed Radio Frequency IDentification (RFID) systems is a real world challenge that have drawn significant attention from RFID community. This interest yields considerable amount of proposals targeting to overcome the main bottleneck (i.e. the exhaustive search over the list of all tag entries) which appears in the back-end database for large-scale RFID tag deployments. A class of these proposals contains RFID protocols where the server authenticates the tag in a negligible constant/sub-linear time for a more frequent normal state and needs a linear search in a rare abnormal states. In this study, however, we show that such protocols having unbalanced states are subject to side-channel attacks and do not preserve the RFID privacy. To illustrate this brutal security flaw, we conduct our analysis on different RFID protocols.