Flaws on RFID grouping-proofs. Guidelines for future sound protocols

Abstract

During the last years many RFID authentication protocols have been proposed with major or minor success (van Deursen and Radomirović, 2008). Juels (2004) introduced a different and novel problem that aims to evidence that two tags have been simultaneously scanned. He called this kind of evidence a yoking-proof that is supposed to be verifiable offline. Then, some authors suggested the generalization of the proof for a larger number of tags. In this paper, we review the literature published in this research topic and show the security flaws of the proposed protocols, named RFID grouping-proofs generally. More precisely, we cryptanalyze five of the most recent schemes and we also show how our techniques can be applied to older proposals. We provide some guidelines that should be followed to design secure protocols and preclude past errors. Finally, we present a yoking-proof for low-cost RFID tags, named Kazahaya, that conforms to the proposed guidelines.