The KIPS Transactions:PartC (정보처리학회논문지C)

Korea Information Processing Society (한국정보처리학회)
권호 표지
DOI QR코드

DOI QR Code

A New Dynamic-ID based RFID Mutual Authentication Protocol Eliminated Synchronization Problem

동기화 문제를 해결한 새로운 동적 아이디기반 RFID 상호 인증 프로토콜

  • 임지환 (한양대학교 컴퓨터공학과) ;
  • 오희국 (한양대학교 컴퓨터공학과) ;
  • 김상진 (한국기술교육대학교 인터넷미디어공학부)
  • Published : 2008.12.31
Download PDF
⟨ Previous Next ⟩

Abstract

The recently proposed RFID(Radio Frequency Identification) authentication protocol based on a hash function can be divided into two types according to the type of information used for authentication between a reader and a tag: either a value fixed or one updated dynamically in a tag memory. In this paper, we classify the protocols into a static ID-based and a dynamic-ID based protocol and then analyze their respective strengths and weaknesses. Also, we define a new security model including forward/backward traceability, synchronization, forgery attacks. Based on the model, we analyze the previous protocols and propose a new dynamic-ID based RFID mutual authentication protocol. Our protocol provide enhanced RFID user privacy compared to previous protocols and identify a tag efficiently in terms of the operation quantity of a tag and database.

기 제안된 해쉬 기반 RFID(Radio Frequency Identification) 인증 프로토콜들은 리더와 태그간의 인증을 위해 이용하는 정보가 태그에 고정되어 저장되어 있는 값인지, 동적으로 변경되며 저장되는 값인지에 따라 두 가지 유형으로 분류할 수 있다. 본 논문에서는 이를 각각 정적 아이디기반과 동적 아이디기반 인증 프로토콜로 분류하고 이들 각각의 장단점에 대해서 살펴본다. 또한 본 논문에서는 전방향/후방향 위치추적, 동기화, 위장 공격의 개념을 포함하는 새로운 보안 모델을 제시하며 이에 근거해 기 제안된 프로토콜들과 제안하는 프로토콜의 안전성을 분석한다. 제안하는 프로토콜은 기 제안된 프로토콜들에 비해 더욱 강화된 사용자 프라이버시를 제공하면서 태그 및 데이터베이스의 연산량 측면에서도 더 효율적으로 태그를 인식할 수 있다.

Keywords

References

  1. A. Juels, “RFID Security and Privacy: A Research Survey,” IEEE Journal on Selected Areas in Communication, Vol.24(2), pp.381-394. 2006 https://doi.org/10.1109/JSAC.2005.861395
  2. G. Avoine, “Adversarial Model for Radio Frequency Identification,” Cryptology ePrint Archive, Report 2005/049, 2005
  3. C. Lim and T. Kwon, “Strong and Robust RFID Authentication Enabling Perfect Ownership Transfer,” Proc. of the ICICS 2006, Vol.4307 of LNCS, pp.1-20, Springer-Verlag, 2006 https://doi.org/10.1007/11935308_1
  4. A. Juels and S. Weis, “Defining Strong Privacy for RFID,” Cryptology ePrint Archive, Report 2006/137, 2006
  5. I. Damgard and M.O. Pedersen, “RFID Security: Tradeoffs between Security and Efficiency,” Proc. of the CT-RSA 2008, Vol.4964 of LNCS, pp.318-332, Springer-Verlag, 2008 https://doi.org/10.1007/978-3-540-79263-5_20
  6. S. Vaudenay, “On Privacy Models for RFID,” Proc. of the Asiacrypt 2007, Vol.4833 of LNCS, pp.68-87, Springer-Verlag, 2007 https://doi.org/10.1007/978-3-540-76900-2_5
  7. P.I. Paise and S. Vaudenay, “Mutual Authentication in RFID: Security and Privacy,” Proc. of the CCS 2008, pp.292-299, ACM, 2008
  8. T. Dimitriou, “A Lightweight RFID protocol to protect against traceability and cloning attack,” Proc. of the SecureComm 2005, pp.59-66, 2005 https://doi.org/10.1109/SECURECOMM.2005.4
  9. S. Lee, Y. Hwang, “Efficient authentication for low-cost RFID systems,” Proc. of the ICCSA 2005, Vol.3480 of LNCS, pp.619-629. Springer-Verlag, 2005 https://doi.org/10.1007/11424758_65
  10. M. Ohkubo, K. Suzuki and S. Kinoshita, “Efficient hash-chain based RFID privacy protection scheme,” Proc. of the Workshop on Privacy: Current Status and Future Direction, 2004
  11. K. Rhee, J. Kwak, S. Kim, and D. Won, “Challenge-response based RFID authentication protocol for distributed database environment,” Proc. of the SPC 2005, Vol.3450 of LNCS, pp.70-84, Springer-Verlag, 2005
  12. S.A. Weis, S. Sarma, R. Rivest and D. Engels, “Security and privacy aspects of low-cost radio frequency identification systems,” Proc. of the SPC 2003, Vol.2802 of LNCS, pp.201-212, Springer-Verlag, 2004 https://doi.org/10.1007/b95124
  13. P. Golle, M. Jakobsson, A. Juels and P. Syverson, “Universal re-encryption for mixnets,” Proc. of the CT-RSA 2004, Vol.2964 of LNCS, pp.163-178, Springer-Verlag, 2004
  14. J. Saito, J. Ryou and K. Sakurai, “Enhancing privacy of universal re-encryption scheme for RFID tags,” Proc. of the EUC 2004, Vol.3207 of LNCS, pp.879-890, Springer-Verlag, 2004
  15. A. Juels and R. Pappu, “Squealing euros: Privacy protection in RFID-enabled Banknotes,” Proc. of the FC 2003, Vol.2742 of LNCS, pp.103-121, Springer-Verlag, 2003
  16. A. Juels, “Minimalist cryptography for Low-Cost RFID Tags,” Proc. of the SCN 2004, Vol.3352 of LNCS, pp.149-164, Springer-Verlag, 2004
  17. E. Choi, S. Lee and D. Lee, “Efficient RFID Authentication protocol for Ubiquitous Computing Environment,” Proc. of the SecUbiq 2005, Vol.3823 of LNCS, pp.945-95, Springer-Verlag, 2005 https://doi.org/10.1007/11596042_97
  18. A. Juels and S.A. Weis, “Authenticating Pervasive Devices with Human Protocols,” Proc. of the Crypto 2005, Vol.3621 of LNCS, pp.293-308, Springer-Verlag, 2005 https://doi.org/10.1007/11535218_18
  19. H. Gilbert, M. Robshaw and H. Sibert. “An Active Attack Against HB+ - A Provably Secure Lightweight Authentication Protocol,” IEE Electronics Letters, Vol.41(21), pp.1169-1170, IET, 2005 https://doi.org/10.1049/el:20052622
  20. K. Jonathan and J. Shin. “Parallel and Concurrent Security of the HB and HB+ Protocols,” Proc. of the Eurocrypt 2006, Vol.4004 of LNCS, pp.73-87, Springer-Verlag, 2006 https://doi.org/10.1007/11761679_6
  21. M. Bellare, P. Rogaway, “Random Oracles are Practical: A Paradigm for Designing Efficient Protocols,” Proc. of the CCS 1993, pp.62-73, ACM, 1993 https://doi.org/10.1145/168588.168596
  22. J. Lim, S. Kim and H. Oh, “A New Hash-base RFID Mutual Authentication Protocol Providing Enhanced User Privacy Protection,” Proc. of the ISPEC 2008, Vol.4991 of LNCS, pp.278-289, Springer-Verlag, 2008 https://doi.org/10.1007/978-3-540-79104-1_20
  23. S. Kim, J. Lim, J. Han and H. Oh, “Efficient RFID Search Protocols Using Counters,” IEICE Trans. Commun., volume. E91-B(11), 2008 https://doi.org/10.1093/ietcom/e91-b.11.3552