Premium
On the security of an RFID‐based parking lot management system
Author(s) -
Safkhani Masoumeh,
Bagheri Nasour,
Hosseinzadeh Mehdi,
Eslamnezhad Namin Mojtaba,
Rostampour Samad
Publication year - 2017
Publication title -
international journal of communication systems
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.344
H-Index - 49
eISSN - 1099-1131
pISSN - 1074-5351
DOI - 10.1002/dac.3313
Subject(s) - computer science , computer security , radio frequency identification , scheme (mathematics) , protocol (science) , redundancy (engineering) , chen , identification (biology) , computer network , operating system , medicine , mathematical analysis , paleontology , botany , alternative medicine , mathematics , pathology , biology
Summary Radio Frequency Identification (RFID)‐based parking management systems provide facilities to control parking lot systems within easy access and secure inspection. Chen and Chong have presented a scheme to prevent car thefts for parking lot management systems, which is based on EPC C1‐G2 RFID standard. They claimed that their protocol is resistant against well‐known RFID attacks. In this paper, we prove that Chen and Chong's scheme is not resistant against secret disclosure and impersonation attacks. Therefore, in Chen and Chong parking lot system, a car may be stolen without having a valid tag. In this paper, we also show that the proposed impersonation attack works for any length of cyclic redundancy check and the secret disclosure attack costs at most 2 16 evaluations of the used pseudo random number generator. The success probability of both attacks is 1 while their complexity is only 2 runs of the protocol. Finally, we present an improved protocol and formally and informally prove that the improved protocol provides the desired level of security and privacy.