Journal of Korea Society of Industrial Information Systems (한국산업정보학회논문지)

Korea Society of Industrial Information Systems (한국산업정보학회)
권호 표지
DOI QR코드

DOI QR Code

Cryptanalysis and Improvement of a New Ultralightweight RFID Authentication Protocol with Permutation

순열을 사용한 새로운 초경량 RFID 인증 프로토콜에 대한 보안 분석 및 개선

  • 전일수 (금오공과대학교 전자공학부) ;
  • 윤은준 (경일대학교 사이버보안학과)
  • Received : 2012.08.09
  • Accepted : 2012.11.21
  • Published : 2012.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

Low-cost RFID tags are used in many applications. However, since it has very limited power of computation and storage, it's not easy to make a RFID mutual authentication protocol which can resist from the various security attacks. Quite recently, Tian et al. proposed a new ultralightweight authentication protocol (RAPP) for low-cost RFID tags using the low computation cost operations; XOR, rotation, and permutation operations, which is able to resist from the various security attacks. In this paper, we show that RAPP is vulnerable to the de-synchronization attack and present an improved RAPP which overcomes the vulnerability of RAPP.

저가의 RFID 태그는 많은 응용에 이용되지만 매우 한정된 계산 및 저장 능력을 가지고 있기 때문에 다양한 보안공격에 견딜 수 있는 RFID 상호인증 프로토콜을 만들기가 쉽지 않다. 아주 최근에 Tian 등은 계산비용이 적은 XOR 연산, 회전연산, 그리고 순열 연산을 사용하여 다양한 보안 공격에 견딜 수 있는 저가의 RFID 태그를 위한 인증 프로토콜(RAPP)을 제안하였다. 본 연구에서는 RAPP가 비동기화 공격에 취약함을 보이고 아울러 그 취약점을 극복하여 개선된 RAPP를 제시한다.

Keywords

References

  1. 문병현, 이태훈, 서용석, 황지영, 류정탁,. "RFID를 이용한 출입관리 로봇," 한국산업정보학회논문지, Vol. 13, No. 4, pp. 139-144, 2008.
  2. 최형림, 박병주, 신중조, 이정희, "RFID/OCR 기반의 자동화 게이트시스템 개발," 한국산업정보학회논문지, Vol. 12, No. 2, pp. 37-44, 2007.
  3. P. Peris-Lopez, J. C. Hernandez- Castro, J. M. E. Tapiador, and A. Ribagorda, "LMAP: a real lightweight mutual authentication protocol for low-cost RFID tags," in Proc. 2006 Workshop RFID Security. 2006.
  4. P. Peris-Lopez, J. C. Hernandez- Castro, J. M. E. Tapiador, and A. Ribagorda, "M2AP: a minimalist mutual-authentication protocol for low cost RFID tags," in Proc. 2006 International Conference on Ubiquitous Intelligence and Computing, pp. 912-923. 2006.
  5. T. Li and G. Wang, "Security analysis of two ultra-lightweight RFID authentication protocols," in Proc. 2007 IFIP RC-11 International Information Security Conference, pp. 109-120. 2007.
  6. H. Y. Chien, "SASI: a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity," IEEE Trans. Dependable and Secure Computing, vol. 4, no. 4, pp. 337-340, 2007. https://doi.org/10.1109/TDSC.2007.70226
  7. H. M. Sun, W. C. Ting, and K. H. Wang, "On the security of Chien's ultralightweight RFID authentication protocol," IEEE Trans. Dependable and Secure Computing, vol. 8, no. 2, pp. 315-317, 2011. https://doi.org/10.1109/TDSC.2009.26
  8. T. Cao, E. Bertino, and H. Lei, "Security analysis of the SASI protocol," IEEE Trans. Dependable and Secure Computing, vol. 6, no. 1, pp. 73-77, 2009. https://doi.org/10.1109/TDSC.2008.32
  9. R. C. W. Phan, "Cryptanalysis of a new ultralightweight RFID authentication protocol— SASI," IEEE Trans. Dependable and Secure Computing, vol. 6, no. 4, pp. 316-320, 2009. https://doi.org/10.1109/TDSC.2008.33
  10. P. Peris-Lopez, J. Hernandez-Castro, J. Tapiador, A. Ribagorda, "Advances in ultralightweight cryptography for low-cost RFID tags: Gossamer protocol," Information Security Applications, pp. 56-68, 2009.
  11. D. Tagra, M. Rahman, S. Sampalli, "Technique for preventing DoS attacks on RFID systems," 18th international conference on software telecommunications and computer networks— SoftCOM'10, IEEE Computer Society, 2010.
  12. Y. Tian, G. Chen, J. Li, "A New Ultralightweight RFID Authentication Protocol with Permutation," IEEE Communication Letters, Vol. 16, No. 5, pp. 702-705, 2012 https://doi.org/10.1109/LCOMM.2012.031212.120237