6th Workshop on Radio Frequency Identification Security, İstanbul, Türkiye, 8 - 09 Haziran 2010, cilt.6370, ss.50-64
In this work, we present a practical passive attack on SASI, an ultra-lightweight mutual authentication protocol for RFID. This attack can be used to reveal with overwhelming probability the secret ID of the prover by eavesdropping about 2(17) authentications. The result dismantles SASI and, more generally, provides a new approach that threatens ultra-lightweight authentication protocols.