The Journal of the Korea Contents Association (한국콘텐츠학회논문지)

The Korea Contents Association (한국콘텐츠학회)
권호 표지
DOI QR코드

DOI QR Code

Mechanism of RFID Authentication for u-Vehicle

u-Vehicle 환경에 적합한 RFID 인증 메커니즘

  • Published : 2008.06.28
Download PDF
⟨ Previous Next ⟩

Abstract

The concept of u-Vehicle is a technological model that people try to build the ubiquitous world in the car which moves, by using the RFID technology as well as the telematics service based on the location. RFID is weak on the point of information security because RFID has possibility for being abused such as chasing, counterfeiting, and invading personal privacy. RFID's tags use a weak cryptographic algorithm. This paper presents the vulnerabilities of information security under u-Vehicle environments. To solve that, we propose a mechanism enhancing RFID tag's security but with low cost by reducing the number of mutual authentication stages and using the hash function.

u-Vehicle은, 위치정보에 기반한 텔레매틱스 서비스뿐 아니라, RFID 기술을 이용하여 움직이는 자동차 안에서의 유비쿼터스 세상을 구축하려는 기술 모델이다. u-Vehicle 환경에서는 RFID가 본래의 목적과 달리 추적, 감시 등 부적절하게 사용될 소지가 크며, 이렇게 될 경우 개인의 프라이버시 침해하게 되는 등, 정보보호 측면이 취약하게 된다. 여기에 사용되는 저가의 RFID 태그는 보안에 취약한 알고리즘을 이용하고 있다. 본 논문에서는 u-Vehicle 환경에서 RFID가 갖는 정보 보안상의 취약점을 도출하였다. 또한 이를 해결하기 위한 방법으로서, 해쉬 함수와 배타적 논리합 연산을 사용하고, 상호인증 단계를 줄여 적은 비용으로 RFID 태그의 안전성을 증가시킬 수 있는 메커니즘을 제시한다.

Keywords

References

  1. J. Deng, "Security Support for In_Network Processing in Wireless Sensor Networks," Proc. SASN, 2003.
  2. ETRI, RFID/USN 출현의 시사점과 부작용 극복 방안 모색, 2004
  3. L. Tieyan, D. Robert, "Vulnerability Analysis of EMAP-An Efficient RFID Mutual Authentication Protocol," Reliability and Security (ARES'07), 2007.
  4. KISA, RFID/USN Security Issues & Stepwise Approach, 제9회 정보보호 심포지움, 2004
  5. 박종욱, 주학수, 이재일, 이동훈, "유비쿼터스 센서네트워크의 정보보호 이슈와 동향", 통신학회지, 2004(6).
  6. K. Finkenzeller, RFID Handbook Second Edition, Wiley&Sons, 2002.
  7. BSI Report, Security Aspects and Prospective Applications of RFID Systems, 2005.
  8. Z. Lan and Z. Huaibei, "An Improved Approach to Security and Privacy of RFID Application System," Wireless Communications, Networking and Mobile Computing, Proceedings, 2005 International Conference on, Vol.2, pp.1195-1198, 2005.
  9. G. C. Chang, "A Feasible Security Mechanism for Low Cost RFID Tags," Mobile Business, ICMB2005 International Conference, pp.675-677, 2005.
  10. S. A. Weis, S. E. Sarma, and L. Ronald, "Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems," First International Conference on Security in Pervasive Computing, 2003.
  11. H. Dirk and M. Paul, "Hash-based Enhancement of Location Privacy for Radio-Frequency Identification Devices using Varying Identifiers," Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, pp.149-153, 2004. https://doi.org/10.1109/PERCOMW.2004.1276922
  12. G. Xingxin, X. Zhe, W. Hao, S. Jun, H. Jian, and S. Song, "An Approach to security and privacy of RFID system for supply chain," IEEE International Conference on E-Commerce Technology for Dynamic E-Business, pp.164-168, 2004. https://doi.org/10.1109/CEC-EAST.2004.14
  13. L. Tieyan, W. Guilin, and H. D. Robert, "Security Analysis on a Family of Ultra-lightweight RFID Authentication Protocols," Journal of software, Vol.3, No.3, 2008.