Skip to Main Content
The authors describe three attacks against an efficient lightweight mutual authentication protocol recently proposed by Kulseng et al. These attacks are unique as they are closely related and must be performed in order, one after another. They break the untraceability, confidentiality and mutual authentication properties of the protocol, and show, for the first time, that breaking the privacy property may lead to attacks on the security properties of radio frequency identification (RFID) authentication protocols. Finally, we present a countermeasure to fix the flaws and make a brief security analysis of the improved protocol.