Passive Cryptanalysis of the UnConditionally Secure Authentication Protocol for RFID
Recently, Alomair et al. proposed the first UnConditionally Secure mutual authentication protocol for low-cost RFID systems (UCS- RFID). The security of the UCS-RFID relies on five dynamic secret keys which are updated at every protocol run using a fresh random number (Nonce) secretly transmitted from a reader to tags. The results show that, at the highest security level of the protocol (security parameter= 256), inferring a nonce is feasible with the probability of 0.99 by eavesdropping (Observing) about 90 runs of the protocol. Finding a nonce enables a passive attacker to recover all five secret keys of the protocol.