On the Claimed Privacy of EC-RAC III

Fan J., Hermans J., Vercauteren F.

6th Workshop on Radio Frequency Identification Security, İstanbul, Turkey, 8 - 09 June 2010, vol.6370, pp.66-67 identifier

  • Publication Type: Conference Paper / Full Text
  • Volume: 6370
  • City: İstanbul
  • Country: Turkey
  • Page Numbers: pp.66-67
  • Istanbul Technical University Affiliated: No


In this paper we show how to break the most recent version of EC-RAC with respect to privacy. We show that both the ID-Transfer and ID&PWD-Transfer schemes from EC-RAC do not provide the claimed privacy levels by using a man-in-the-middle attack. The existence of these attacks voids the presented privacy proofs for EC-RAC.