• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.89-108
• /
• 2010

Recently many mutual authentication protocol for light-weight hash-based for RFID have been proposed. Most of them have assumed that communications between a backend server and reader are secure, and not considered threats for backend server and RFID reader impersonation. In the real world, however, attacks against database or reader are more effective rather than attacks against RFID tag, at least from attacker's perspective. In this paper, we assume that all communications are not secure to attackers except the physical attack, and considering realistic threats for designing a mutual authentication protocol based on hash function. And It supports a mutual authentication and can protect against the replay attack, impersonation attack, location tracking attack, and denial of service attack in the related work. We besides provide a secure and efficient RFID mutual authentication protocol which resists impersonation attacks on all of the entities and alow a backend server to search tag-related information efficiently. We conclude with analyzing the safety and efficiency among latest works.

• 한국정보통신설비학회:학술대회논문집
• /
• 2008.08a
• /
• pp.146-149
• /
• 2008

The RFID system is very useful in various fields such as the distribution industry and the management of the material, etc. However, the RFID system suffers from various attacks since it does not have a complete authentication protocol. Therefore, this paper propose the authentication protocol that used key server to resist various attacks including DoS(Denial of Service) attack. For easy implementation, the proposed protocol also uses CRC, RN16 generation function existing in EPCglobal class 1 gen2 protocol. This paper performed security analysis to prove that the proposed protocol is resistant to various attacks. The analytical results showed that the proposed protocol offered a secure RFID system.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.10
• /
• pp.1145-1152
• /
• 2014

The RFID (Radio-Frequency Identification) system is a technology to discern things by radio and an epoch-making new method to improve product management such as distribution, transport, mobilization, inventory control. However, RFID, which uses radio, is at risk for information leakage and falsification due to the vulnerability of security of the communication section. We designed the new authentication protocol by applying the tent map, which is the representative complex systems, to the RFID communication system. A more solid and simple authentication system was designed by applying the initial value sensitivity and irregularity, which are the representative characteristics of the complex system, to the reader and tag of RFID. The purpose of this paper is to verify the usability of the RFID authentication protocol design that uses the nonlinear system shown in this thesis by the new system differentiated from the authentication system that depends on the existing hash function or random numbers.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.1-10
• /
• 2009

Recently, Shin and Park proposed an authentication protocol using the hash function and the XOR operation in RFID/USN environment. However, Shin and Park's proposed authentication protocol is vulnerable to spoofing attack and location tracking attack and tag key exposure attack, and it does not provide tag anonymity. In this paper, we propose an improved authentication protocol for the RFID/USN environment that can withstand those attacks. The proposed authentication protocol provides more improved secrecy and communication efficiency because it decreases the communication rounds compared with the Shin and Park's protocol.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.10C
• /
• pp.946-954
• /
• 2009

General RFID system has assumed that the communication channel between reader and back-end database is secure channel. However, the reader can be communicated with the database through insecure channel like the communication channel between the reader and the tag according to application environment. In this paper, we propose a new secure RFID mutual authentication protocol based on open network channel which assumed that all communication channels between the database, the reader and the tag are insecure communication channels. The proposed protocol uses a secure one-way hash function to provide authentication and integrity against all communication messages which exchanged on the open channels. In addition, we designed that the proposed protocol can provide forward secrecy by performing the database and the tag update their old secret key with a new secret key after finished mutual authentication.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.14 no.3
• /
• pp.737-744
• /
• 2010

The use of RFID recently tends to increase and is expected to expand all over the industry and life. However, RFID is much vulnerable to the malign threats such as eavesdropping, replay attack, spoofing attack, location tracking in the process of authentication. In particular, it is difficult to apply authentication protocol used in the other previous system to low-priced RFID tag. After all, this paper suggests the scheme of efficient authentication protocol for RFID privacy protection. Compared to the previous scheme, suggested scheme reinforces the checking process of transmission data and is secure from eavesdropping and spoofing attack. It minimizes the operation work of the tag and is very useful to apply to the low-priced tag. It also has the merit to confirm the efficiency of communication by reducing the communication rounds.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.5B
• /
• pp.377-384
• /
• 2012

RFID system is a technique to obtain information of tag using radio frequency. Specificity of RFID systems using radio frequency has many problems that is eavesdropping, location tracking, spoofing attack, replay attack, denial of service attack. So, RFID protocol should be used cryptographic methods and mutual authentication for security and privacy. In this paper, we explain the problem of past protocol and propose the nonfixed symmetric key-based RFID mutual authentication protocol using shift computation and random number. Proposed protocol is secure from various attacks. Because it use shift operation and non-fixed symmetric key.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.4B
• /
• pp.428-434
• /
• 2009

Many RFID authentication protocols have been proposed to build a secure ubiquitous environment. However, existing protocols do not respond recent attacks appropriately and they perform many hash operations to authenticate a large number of tags. In this paper, we propose a hash function-based secure authentication protocol for improving efficiency in RFID system. The proposed protocol is safe to passive attacks and active attacks, and requires only 2 hash operations in a tag and 3 hash operations in a database. Accordingly, the proposed protocol is very effective in RFID system environment which is composed to low-cost tags and a database handling many tags.

• Journal of information and communication convergence engineering
• /
• v.7 no.3
• /
• pp.335-339
• /
• 2009

RFID security and privacy issues have been intensively studied in the research field, the authentication between RFID reader and tag is the fundamental them. Most of the existing authentication protocols draw assumptions on classic primitives. Since tags have small capacities, the security mechanisms which are in use in computer networks and communication are not suitable. In this paper, we compare and analyze recent technical research on the problems of privacy and security. It consists of security mechanism, threats and performance evaluation, etc.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.37 no.2C
• /
• pp.140-156
• /
• 2012

Since most of recently launched smart devices support NFC(Near Field Communication), RFID applications are tend to be replaced. For instance, previous RFID application areas such as entrance control, mobile e-ticket, electronic payment and et. al are subject to change using NFC. Due to the limitation of passive communication in RFID, it is impossible to cover all security requirements of authentication and authorization mechanism that wide areas of applications demand. Therefore authentication and authorization mechanism based on NFC is very attractive to such applications because active communication methods make it possible to be highly secure in authentication and authorization. In this paper, authors propose a new approach of secure authentication and authorization mechanism using NFC smart devices based on EAP(Extensible Authentication Protocol) and AAA(Authentication, Authorization and Accounting) protocols.