      F Eslam_Gamal@cis.asu.edu.eg                             "          ## #  #     # # "  "             #           " ##  "    ! ## ##  "  #  "    ! #      $  # ! # ## #       %"   & ’   $ I. INTRODUCTION Radio Frequency Identification (RFID) syst technology that plays an important ro identification as a ubiquitous infrastructure. applications in access control, manufactur maintenance, supply chain management, management, automatic payment, tracking control. RFID tags and contactless smart card passive; they operate without any internal ba the power from the reader. This offers lo results in short read ranges and limited pr They are also vulnerable to different attack location: distance fraud and relay attacks. Rel when a valid reader is tricked by an adversar that it is communication with a valid tag and is, the adversary performs a kind of man-in-th between the reader and the tag. It is difficult (IJCSIS) International Journal of Computer Sci        ! " Faculty of Computer and Information Science Ain Shams University Cairo, EGYPT g Eman.Shaaban@cis.asu.edu.eg Mhashem@ci       !       #   ##   #    #           # #        "   tem is the latest ole for object RFID has many ring automation, parking garage g, and inventory ds are normally attery and receive ong lifetime but rocessing power. ks related to the lay attacks occur ry into believing d vice versa. That he-middle attack t to prevent these attacks since the adversary does n the reader and the tag [3]. There are three types of att between the reader and the tag. T to be closer than he really is. Th fraud attack. There are two types o attack and terrorist fraud attac scenario, both the reader R and malicious adversary is performin between the reader and the tag b and receiver R’. The fraudulent honest reader R and the fraudule the honest tag T. T’ and R’ coope to convince R as if R communica needing to know anything abo Terrorist fraud attack is an ext attack. The tag T is not hon fraudulent tag T’. The dishonest ta reader that he is close, while in know the long-term private or se with Mafia fraud attack is that t without the notice of both the read Figure 1. Distance Figure 2. Mafia and terr ience and Information Security, Vol. 7, No. 3, 2010    # is.asu.edu.eg not change any data between tacks related with distance The dishonest tag may claim his attack is called distance of relay attacks: mafia fraud ck. In mafia fraud attack the tag T are honest, but a ng man-in-the-middle attack by putting fraudulent tag T’ t tag T’ interacts with the ent reader R’ interacts with erate together. It enables T’ ates with T, without actually out the secret information. tension of the mafia fraud nest and collaborates with ag T uses T’ to convince the fact he is not. T does not ecret key of T. The problem this attack can be mounted der and the tag. Fraud Attack rorist fraud attack 62 http://sites.google.com/site/ijcsis/ ISSN 1947-5500