Answered step by step
Verified Expert Solution
Link Copied!

Question

1 Approved Answer

Consider an RFID authentication system used in a clothing retail store, where readers send challenges to tags. Challenges are random strings, and tags are wireless

image text in transcribed

Consider an RFID authentication system used in a clothing retail store, where readers send challenges to tags. Challenges are random strings, and tags are wireless transponders that respond to the challenges. Each tag has a unique identifying string Id. The system can be used in two modes: scanning mode (used for taking inventory) and individual mode (used for determining prices during checkout). In a scanning mode a reader broadcasts a challenge, and all tags in a short range from the reader will receive the same challenge and respond. Under individual mode, a tag will receive an individual challenge and will respond with its Id, which will be used to determine the price that the customer must pay. There are two different communication protocols, and two different attacks to consider: Protocol1: Reader - Tags: r Tagid Reader: h(r | Id), Id - Reader sends a random challenge r - Tag replies with a hash of r concatenated with Id, and Id Protocol 2: Reader- Tags: r Tagd-Reader: h(Id | ku) r, Id where | denotes string concatenation, and kuis a unique secret key that a tag with Id shares with the - Reader sends a random challenge r. -Tag replies with h(Id | ka) r and id reader. Attack 1: An adversary tampers with tags' responses during a scanning round, with the goal of corrupting the shop's database. By "corruption", we mean "can an attacker make the information in the database misrepresent the real world. Not can the attacker corrupt the structure of the database"-the structure and implementation of the database are irrelevant Attack 2: An adversary tampers with the response during checkout, with the goal of paying less for the item Q4.1 Discuss Attack 1 on Protocol 1. Would the attack work? If so, outline the steps of the attack as well as Q4.2 Discuss Attack 2 on Protocol 1. Would the attack work? If so, outline the steps of the attack as well as Q4.3 Discuss Attack 1 on Protocol 2.Would the attack wor? If so, outline the steps of the attack as well as Q4.4 Discuss Attack 2 on Protocol 2.Would the attack work? If so, outline the steps of the attack as well as the minimum resources required to execute it. the minimum resources required to execute it the minimum resources required to execute it. the minimum resources required to execute it. Consider an RFID authentication system used in a clothing retail store, where readers send challenges to tags. Challenges are random strings, and tags are wireless transponders that respond to the challenges. Each tag has a unique identifying string Id. The system can be used in two modes: scanning mode (used for taking inventory) and individual mode (used for determining prices during checkout). In a scanning mode a reader broadcasts a challenge, and all tags in a short range from the reader will receive the same challenge and respond. Under individual mode, a tag will receive an individual challenge and will respond with its Id, which will be used to determine the price that the customer must pay. There are two different communication protocols, and two different attacks to consider: Protocol1: Reader - Tags: r Tagid Reader: h(r | Id), Id - Reader sends a random challenge r - Tag replies with a hash of r concatenated with Id, and Id Protocol 2: Reader- Tags: r Tagd-Reader: h(Id | ku) r, Id where | denotes string concatenation, and kuis a unique secret key that a tag with Id shares with the - Reader sends a random challenge r. -Tag replies with h(Id | ka) r and id reader. Attack 1: An adversary tampers with tags' responses during a scanning round, with the goal of corrupting the shop's database. By "corruption", we mean "can an attacker make the information in the database misrepresent the real world. Not can the attacker corrupt the structure of the database"-the structure and implementation of the database are irrelevant Attack 2: An adversary tampers with the response during checkout, with the goal of paying less for the item Q4.1 Discuss Attack 1 on Protocol 1. Would the attack work? If so, outline the steps of the attack as well as Q4.2 Discuss Attack 2 on Protocol 1. Would the attack work? If so, outline the steps of the attack as well as Q4.3 Discuss Attack 1 on Protocol 2.Would the attack wor? If so, outline the steps of the attack as well as Q4.4 Discuss Attack 2 on Protocol 2.Would the attack work? If so, outline the steps of the attack as well as the minimum resources required to execute it. the minimum resources required to execute it the minimum resources required to execute it. the minimum resources required to execute it

Step by Step Solution

There are 3 Steps involved in it

Step: 1

blur-text-image

Get Instant Access to Expert-Tailored Solutions

See step-by-step solutions with expert insights and AI powered tools for academic success

Step: 2

blur-text-image

Step: 3

blur-text-image

Ace Your Homework with AI

Get the answers you need in no time with our AI-driven, step-by-step assistance

Get Started

Recommended Textbook for

Databases A Beginners Guide

Authors: Andy Oppel

1st Edition

007160846X, 978-0071608466

More Books

Students also viewed these Databases questions

Question

=+ (c) Show that f is a measure on Fand agrees with a on Fo.

Answered: 1 week ago