The KIPS Transactions:PartC (정보처리학회논문지C)

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

RFID Mutual Authentication Protocol Providing Stronger Security

강력한 보안성을 제공하는 RFID 상호 인증 프로토콜

  • 안해순 (대구대학교 교양교직부) ;
  • 부기동 (경일대학교 컴퓨터공학부) ;
  • 윤은준 (경북대학교 전자전기컴퓨터학부) ;
  • 남인길 (대구대학교 컴퓨터.IT공학부)
  • Published : 2009.06.30
Download PDF
⟨ Previous Next ⟩

Abstract

This paper demonstrates that an attacker can impersonate a random RFID tag and then perform the spoofing attack in the previous RFID authentication protocol. To resolve such a security problem, we also propose a new secure and efficient RFID mutual authentication protocol. The proposed RFID mutual authentication protocol is not only to resolve many security problems with the existing RFID authentication mechanism and the vulnerability against spoofing attack, but also to guarantee reliable authentication time as reducing computational overhead performing by tag. As a result, the proposed RFID mutual authentication protocol provides stronger security including the forward secrecy and more efficiency.

본 논문에서는 기존에 제안된 RFID 인증 프로토콜이 임의의 RFID 태그로 위장한 공격자로부터 스푸핑 공격을 당할 수 있음을 증명하고, 이러한 보안 문제점을 해결한 새로운 안전하고 효율적인 RFID 상호 인증 프로토콜을 제안한다. 제안한 RFID 상호 인증 프로토콜은 기존의 RFID 인증 메커니즘들이 가지고 있는 많은 보안 문제점들을 해결할 뿐만 아니라, 스푸핑 공격에 대한 취약점을 해결하고, 태그 측에서 수행하는 연산 오버헤드를 최대한 줄여줌으로써 신뢰할 만한 인증 시간을 보장하고 전방향 안전성을 만족하는 더욱 강력한 보안성과 효율성을 제공한다.

Keywords

References

  1. F. Klaus, 'RFID handbook,' Second Edition, Jone Willey & Sons, 2003
  2. S. E. Sarma, S. A. Weis, D. W. Engels. 'RFID systems, security & privacy implications,' White Paper MIT-AUTOID-WH_014, MIT AUTO-ID CENTER, 2002
  3. S. A. Weis, 'Radio-frequency identification security and privacy,' Master's Thesis, M.I.T. 2003
  4. A. Juels and R. Pappu, 'Squealing euros: privacy protection in RFID-enabled banknotes,' In proceedings of Financial Cryptography-FC'03, Vol.2742 LNCS, pp.103-121, Springer-Verlag, 2003 https://doi.org/10.1007/b11831
  5. A. Juels, R. L. Rivest, M Szydlo 'The blocker tag: selective blocking of RFID tags for consumer privacy,' In Proceedings of 10th ACM Conference on Computer and Communications Security, CCS 2003, pp.103-111, 2003 https://doi.org/10.1145/948109.948126
  6. S. Junichiro, H. Jae-Cheol and S. Kouichi, 'Enhancing privacy of universal re-encryption scheme for RFID tags,' EUC 2004, Vol.3207 LNCS, pp.879-890, Springer-Verlag, 2004
  7. S. A. Weis, S. Sarma, R. Rivest, D. Engels, 'Security and privacy aspects of low-cost radio frequency identification systems,' Security in Pervasive Computing 2003, LNCS 2802, pp.201-212, Springer-Verlag, 2004
  8. M. Ohkubo, K. Suzuki, and S. Kinoshita, 'Hash-chain based forward-secure privacy protection scheme for low-cost RFID,' Proceedings of the SCIS 2004, pp.719-724, 2004
  9. 양형규, 안영화, '유비쿼터스 컴퓨팅 환경에 적합한 RFID인증 프로토콜에 관한 연구,' 전자공학회논문지 42권 CI1호, pp.45-50, 2005
  10. 최은영, 최동희, 임종인, 이동훈, '저가형 RFID 시스템을 위한 효율적인 인증 프로토콜,' 정보보호학회논문지 15권 5호, pp.59-71, 2005
  11. 김배현, 유인태, '반사공격에 안전한 RFID 인증 프로토콜,' 한국통신학회논문지 32권 3호, pp.348-354, 2007
  12. M.S. Hwang, I.C. Lin, and L.H. Li. 'A simple micro-payment scheme,' The Journal of Systems and Software, Vol.55, pp.221-229, 2001 https://doi.org/10.1016/S0164-1212(00)00072-8
  13. Auto-ID Center, '860Mhz-960MHz Class I Radio Frequency Identification Tag Radio Frequency and Logical communication Interface Specification Proposed Recommendation Version 1.0.0. Technical Report MIT-AUTOID-TR-007', AutoID Center, MIT, 2002
  14. A. Juels, 'Minimalist cryptography for lowcost RFID tags', In 4th Intel. Conf. on Security in Communication Networks-SCN 2004 Vol.3352 LNCS. pp.149-164
  15. Choi, Eun Young and Lee, Su Mi and Lee, Dong Hoon, 'Efficient RFID Authentication protocol for Ubiquitous Computing Environment' In International Workshop on Security in Ubiquitous Computing Systems-secubiq 2005, Volume 3823 LNCS, pp.945-95 https://doi.org/10.1007/11596042_97
  16. Weis, S. et al, 'Security and Privacy in Radio -Frequency Identification Devices', Massachusetts Institute of Technology, 2003
  17. S. Vaudenay, 'On privacy models for RFID,' Proc. of the Asiacrypt 2007, Vol.4833, pp.68-87, Springer-Verlag, 2007 https://doi.org/10.1007/978-3-540-76900-2_5
  18. I. Damgard and M. O. Pedersen, 'RFID security: tradeoffs between security and efficiency,' Proc. of the CT-RSA 2008, Vol.LNCS4964, pp.318-332, Springer-Verlag, 2008 https://doi.org/10.1007/978-3-540-79263-5_20
  19. P. I. Paise and S. Vaudenay, 'Mutual Authentication in RFID: Security and Privacy,' Proc. of the CCS 2008, pp.292-299, ACM, 2008

Cited by

  1. Improvement of a Verified Secure Key Distribution Protocol Between RFID and Readers vol.18C, pp.5, 2011, https://doi.org/10.3745/KIPSTC.2011.18C.5.331
  2. Effective RFID Authentication Using Hash Function vol.14, pp.5, 2010, https://doi.org/10.6109/jkiice.2010.14.5.1171
  3. Verification of a Function-based Security Authentication Protocol for Implantable Medical Devices vol.12, pp.5, 2014, https://doi.org/10.14400/JDC.2014.12.5.249