• IEIE Transactions on Smart Processing and Computing
• /
• v.1 no.1
• /
• pp.65-71
• /
• 2012

Mobile RFID is a new application that uses a mobile phone as an RFID reader with wireless technology and provides a new valuable service to users by integrating RFID and ubiquitous sensor network infrastructures with mobile communication and wireless Internet. Whereas the mobile RFID system has many advantages, privacy violation problems on the reader side are very concerning to individuals and researchers. Unlike in regular RFID environments, where the communication channel between the server and reader is assumed to be secure, the communication channel between the backend server and the RFID reader in the mobile RFID system is not assumed to be safe. Therefore it has become necessary to devise a new communication protocol that secures the privacy of mobile RFID-enabled devices. Recently, Lo et al. proposed a mutual key agreement protocol that secures the authenticity and privacy of engaged mobile RFID readers by constructing a secure session key between the reader and server. However, this paper shows that this protocol does not meet all of the necessary security requirements. Therefore we developed an enhanced mutual key agreement protocol for mobile RFID-enabled devices that alleviates these concerns. We further show that our protocol can enhance data security and provide privacy protection for the reader in an unsecured mobile RFID environment, even in the presence of an active adversary.

• Journal of Digital Convergence
• /
• v.10 no.3
• /
• pp.155-160
• /
• 2012

This paper proposes an authentication protocol based on hash and AES safe from various types of attacks in order to assure the security of communication between tags and readers, which exchange data with each other wirelessly in a RFID system. The proposed authentication protocol resolves a problem in existing hash-based protocols whereby the same hidden value is generated for the same identification in each session. In order to hide tag identification information a number of complicated calculations were required, but using the proposed AES protocol reduces such calculations, strengthens security against replay attack, spoofing attack, traffic analysis, eavesdropping, etc. and assure mutual authentication between tags and readers.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.7 no.4
• /
• pp.642-648
• /
• 2006

In this paper, I have proposed a secure dynamic ID allocation protocol using mutual authentication on the RFID tag. Currently, there are many security protocols focused on the low-price RFID tag. The conventional low-price tags have limitation of computing power and rewritability of memory. The proposed secure dynamic ID allocation protocol targets to the high-performance RFID tags which have more powerful performance than conventional low-price tag by allocating a dynamic ID to RFID using mutual authentication based on symmetric encryption algorithm. This protocol can be used as a partial solution for ID tracing and forgery.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.11 no.4
• /
• pp.61-68
• /
• 2011

Recently arithmetic circuit of lightweight AES symmetric key algorithm that can apply to passive tag have been developed, then security protocol of RFID system using AES symmetric encryption techniques have been proposed. This paper proposed security enhancement protocol of RFID system using lightweight AES arithmetic circuit and random number generator of passive tag. The proposed protocol have AES algorithm and random number generator at server, reader, tag, and transmit encrypted message by separate secret key using random number at each session. The mutual authentication of tag and reader used reader random number and tag random number. As a result, proposal protocol reduce authentication steps of the existing mutual authentication protocol, and reduce amount of computation of tag, and demonstrate as secure protocol to every attack type of attacker by decrease communication step of Air Zone.

• Journal of Korea Society of Industrial Information Systems
• /
• v.17 no.6
• /
• pp.1-9
• /
• 2012

Low-cost RFID tags are used in many applications. However, since it has very limited power of computation and storage, it's not easy to make a RFID mutual authentication protocol which can resist from the various security attacks. Quite recently, Tian et al. proposed a new ultralightweight authentication protocol (RAPP) for low-cost RFID tags using the low computation cost operations; XOR, rotation, and permutation operations, which is able to resist from the various security attacks. In this paper, we show that RAPP is vulnerable to the de-synchronization attack and present an improved RAPP which overcomes the vulnerability of RAPP.

• Journal of Internet Computing and Services
• /
• v.12 no.6
• /
• pp.139-147
• /
• 2011

We proposed the secure and efficient passive RFID protocol which is based on one-way hash based low-cost authentication protocol (OHLCAP). The paper introduces OHLCAP and the vulnerabilities of OHLCAP and suggests security solutions by analyzing them. Afterwards, The paper presents the proposed protocol and demonstrates computational performance and security of the protocol. This protocol not only has the resistances against eavesdropping attack, impersonation attack, desynchronization attack, and replay attack but also provides untraceability and forward secrecy.

• Journal of KIISE:Information Networking
• /
• v.35 no.3
• /
• pp.243-250
• /
• 2008

Recently, researched RFID authentication protocols still have vulnerability of attack, such as location tracking attack, replay attack. spoofing attack etc. This paper designed method of making one time random number in DB server side unlike previously researched protocols, and it protects RFID communication from location tracking, replay attack and spoofing attack.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.3
• /
• pp.560-566
• /
• 2009

A low-power Radio Frequency Identification (RFID) system is an auto-identification technology that reads and writes an information of things without physical contacts using radio frequency. It is unescapable against unlawful modification, eavesdropping, tracking, or privacy of individuals because RFID systems use the radio frequency and RFID tags. Therefore we create a key using hash chain between database and tag and this process can prevent above attacks. Also we support the efficiency of proposed protocol using hash function to abate computation.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.1
• /
• pp.63-72
• /
• 2010

RFID is one of useful identification technology in ubiquitous environments which can be a replacement of bar code. RFID is basically consisted of tag, reader, which is for perception of the tag, and back-end-database for saving the information of tags. Although the usage of mobile readers in cellular phone or PDA increases, related studies are not enough to be secure for practical environments. There are many factors for using mobile leaders, instead of static leaders. In mobile reader environments, before constructing the secure protocol, we must consider these problems: 1) easy to lose the mobile reader 2) hard to keep the connection with back-end-database because of communication obstacle, the limitation of communication range, and so on. To find the solution against those problems, Han et al. suggest RFID mutual authentication protocol without back-end-database environment. However Han et al.'s protocol is able to be traced tag location by using eavesdropping, spoofing, and replay attack. Passive tag based on low cost is required lots of communication unsuitably. Hence, we analyze some vulnerabilities of Han et al.'s protocol and suggest RFID mutual authentication protocol without online back-end-database in aspect of efficiency and security.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.7C
• /
• pp.755-761
• /
• 2006

Previous RFID technique, it is recognizable without the physical contact between the reader and the tag, causes the serious privacy infringement such as excessive information exposure and user's location information tracking due to the wireless characteristics. Especially the information security problem of read only tag is solved by physical method. In this paper, we propose a low-cost mutual authentication protocol which is adopted to read-only tag and secure to several attacks using XOR and Partial ID. The proposed protocol is secure against reply attacking, eavesdropping, spoofing attacking and location tracking.