한국통신학회논문지 (The Journal of Korean Institute of Communications and Information Sciences)

  • 제37권3C호
  • /
  • Pages.241-250
  • /
  • 2012
  • /
  • 1226-4717(pISSN)
  • /
  • 2287-3880(eISSN)
한국통신학회 (The Korean Institute of Commucations and Information Sciences)
권호 표지
DOI QR코드

DOI QR Code

개선된 해시기반의 RFID 상호인증 프로토콜

Improved An RFID Mutual Authentication Protocol Based on Hash Function

  • 신주석 (한국전자통신연구원 자동차IT플랫폼 연구팀) ;
  • 오세진 (경북대학교 전자전기컴퓨터학부 임베디드 시스템 연구실) ;
  • 정철호 (경남대학교 전자공학과) ;
  • 정경호 (경운대학교 컴퓨터공학과) ;
  • 안광선 (경북대학교 전자전기컴퓨터학부 임베디드 시스템 연구실)
  • 투고 : 2011.10.12
  • 심사 : 2012.02.22
  • 발행 : 2012.03.30
PDF 다운로드
⟨ 이전 논문 다음 논문 ⟩

초록

2010년 Jeon-Kim은 상호인증 기법, 해시함수 및 비밀 키 업데이트를 이용하여 RFID 시스템에서의 다양한 보안상 문제점을 해결한 HMAP(Hash-based Mutual Authentication Protocol for RFID Environment)를 제안하였다. 안전성 분석을 통하여 Jeon-Kim은 HMAP가 도청공격을 포함한 다양한 공격들에 안전함을 증명하였다. 하지만 그들이 주장한 바와는 달리 HMAP 프로토콜은 도청공격으로 인해 다음 세션에서 사용하게 될 비밀 키가 노출되는 문제점이 있다. 본 논문에서는 보안성 분석을 통하여 HMAP의 문제점을 분석 및 증명하고 이를 해결하기 위해 개선된 해시기반의 RFID 상호인증 프로토콜을 제안한다.

In 2010, Jeon-Kim proposed HMAP(Hash-based Mutual Authentication Protocol for RFID Environment) to resolve a variety of problem related to security using Mutual authentication scheme, the hash function and secret key is used to update in RFID system. Jeon-Kim proved RMAP was safe for a variety of attacks including eavesdropping attacks through safety analysis. However, unlike the claims of the proposed protocol is vulnerable to next session of the secret key exposure due to eavesdropping. In this paper, we analyze the problem of RMAP and proves it through security analysis. And we also propose improved an RFID Mutual Authentication Protocol based on Hash Function to solve problems of HMAP.

키워드

참고문헌

  1. S. A. Weis, "Security an Privacy in Radio-Frequency Identification Devices," MS Thesis. MIT. May, 2003.
  2. S. A. Weis, S. E. Sarma, R. L. Rivest, and D. W.Engels, "Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems," Security in Pervasive Computing 2003, LNCS 2802, pp. 201-212, 2003.
  3. S. E. Sarma, S. A. Weis, D. W. Engels. "RFID systems, security & privacy implications," White Paper MIT-AUTOID-WH_014, MIT AUTO-ID CENTER, 2002.
  4. A. Juels and R. Pappu, "Squealing euros: privacy protection in RFID-enabled banknotes," In proceedings of Financial Cryptography-FC'03, Vol. 2742 LNCS, pp. 103-121, Springer-Verlag, 2003.
  5. F. Klaus, "RFID handbook," Second Edition, Jone Willey & Sons, 2003.
  6. Dong-ho Jeon, Hae-moon Kim, Hye-jin Kwon, Soon-ja Kim, "Hash-based Mutual Authentication Protocol for RFID Environment", Journal of the Korea Information and Communications Society, 35(1), pp. 42-52, Jan, 2010.
  7. Gene Tsudik, "YA-TRAP: Yet Another Trivial RFID Authentication Protocol", Proceedings of the 4th annual IEEE international conference on Pervasive Computing and Communications Workshops, pp. 640-643, Mar. 2006.
  8. J. Aragones, A. Martinez-Balleste, and A. Solanas, "A brief survey on rfid privacy and security", In World Congress on Engineering, 2007.
  9. M. Ohkubo, K. Suzuki and S. Kinoshita, "Hash-chain based forward secure privacy protection sheme for low-cost RFID", Proceedings of the 2004 Symposium on Cryptography and formation Security.Sendai, pp. 719-724, 2004.
  10. D.W.Hong, K.Y.Chang, T.J.Park, K.I.Chung, "Trend of Cryptography for Ubiquitous Environment," Electronics and Telecommunications Trends, 20(1), pp. 63-72, Feb, 2005.
  11. Korea Information Security Agency, "RFID Privacy GuideLine", Sep, 2007.
  12. Tae Youn Won, Il Jung Kim, Eun Young Choi, Dong Hoon Lee, "Encryption scheme suitable to RFID Systems based on EPC Generation," Journal of the Korea Institute of Information Security and Cryptology, 18(1), pp. 67-75, Feb, 2008.
  13. Jung-Sik Cho, Sang-Soo Yeo, Sung-Kwon Kim, "Securing against brute-force attack: A hash-based RFID mutual authentication protocol using a secret value", Computer Communications, Vol. 34, No. 3, pp.391-397, Mar. 2011. https://doi.org/10.1016/j.comcom.2010.02.029
  14. A. Juels, "RFID security and privacy: a research survey", IEEE Journal on Selected Areas in Communications, Vol. 24, No. 2, pp.381-394, Feb. 2006. https://doi.org/10.1109/JSAC.2005.861395
  15. Hae-Soon Ahn , Ki-Dong Bu , Eun-Jun Yoon , In-Gil Nam, "Improved Authentication Protocol for RFID/USN Environment," Journal of the Institute of Electronics Enginners of Korea, 46(1), pp.1-10. 2009.
  16. Kim-Dae Jung, Jun Moon Seog, "Design of RFID Mutual Authentication Protocol using One Time Random Number", Journal of the Korea Information Science Society, 35(3), pp.243-250, Jun, 2008.
  17. JangYoung Chung, YoungSik Hong, "RFID Authentication Protocol Verification in Serverless Environment", Journal of the Korea Information Science Society, 35(1A), pp.140-145, Jun, 2008.
  18. JaeCheol Ha , JeaHoon Park , JungHoon Ha, HwanKoo Kim, SangJae Moon, "Low-cost Authentication Protocol Using Pre-synchronized Search Information in RFID System", Journal of the Korea Institute of Information Security and Cryptology, 18(1), pp.77-87, Feb. 2008.
  19. Chia-Hui Wei, Min-Shiang Hwang, Chin, A.Y, "A Mutual Authentication Protocol for RFID". Computing & Processing, vol.13, pp. 20-24. IEEE Computer Society (2011)