Resumen de On the security of RFID anti-counting security protocol (ACSP)
Masoumeh Safkhani, Nasour Bagheri, Ali Mahani
Recently Qian et al. (2012) [26] have proposed a new attack for RFID systems, called counting attack, where the attacker just aims to estimate the number of tagged objects instead of steal the tags� private information. They have stated that most of the existing RFID mutual authentication protocols are vulnerable to this attack. To defend against counting attack, they proposed a novel Anti-Counting Security Protocol called ACSP. The designers of ACSP have claimed that their protocol is resistant against counting attack and also the other known RFID security threats. However in this paper we present the following efficient attacks against this protocol:
� Two tag impersonation attack: the success probability of each attack is ��1�� while the complexity is at most three runs of the protocol.
� Two single tag de-synchronization attacks, the success probability of both attacks is ��1�� while the complexity is at most two runs of the protocol.
� Group of tags de-synchronization attack: this attack, which can de-synchronize all tags in the range at once, has a success probability of ��1�� while its complexity is one run of the protocol.
� Traceability attack: the adversary�s advantage in this attack is almost the maximum of possible advantages for an adversary in the same model, i.e., 12 . The complexity of this attack is three runs of the protocol.
To counteract such flaws, we improve the ACSP protocol by applying some modifications so that it provides the desired security.
