Security Analysis of the SASI Protocol
The ultralightweight RFID protocols only involve simple bit-wise operations (like XOR, AND, OR, etc.) on tags. In this paper, we show that the ultralightweight strong authentication and strong integrity (SASI) protocol has two security vulnerabilities, namely denial-of-service (DoS) and anonymity tracing based on a compromised tag. The former permanently disables the authentication capability of a RFID tag by destroying synchronization between the tag and the RFID reader. The latter links a compromised tag with past actions performed on this tag.
Authentication, Authentication, Location-dependent and sensitive, Location-dependent and sensitive, Privacy, Privacy, Security, Security
Date of this Version