Hash-based Mutual Authentication Protocol for RFID Environment

RFID 환경을 위한 해시기반 상호인증 프로토콜

  • 전동호 (경북대학교 전자전기컴퓨터학부 컴퓨터통신망연구실) ;
  • 김해문 (경북대학교 전자전기컴퓨터학부 컴퓨터통신망연구실) ;
  • 권혜진 (경북대학교 전자전기컴퓨터학부 컴퓨터통신망연구실) ;
  • 김순자 (경북대학교 전자전기컴퓨터학부 컴퓨터통신망연구실)
  • Published : 2010.01.31

Abstract

Recently, Ahn et al proposed an improved authentication protocol using the hash function in RFID environment. Their proposed protocol provide the following three merits; it reduces the computational costs of RFID tag. itrfduces the communication overhead between the reader and the tag. it protects the user privacy. However, this paper points out that does not authenticate the legality of the RFID reader and database. this paper proposes an improved mutual authentication protocol that can provide the mutual authenticaion.

최근, Ahn 등에 의해 RFID 환경에서 해시함수를 이용한 개선된 인증 프로토콜을 제안하엿다. 그들이 제안한 프로토콜은 RFID 태그측의 계산량을 감소시켜줄 뿐만 아니라, 통신 오버헤드를 줄여주며, 사용자 프라이버시 등의 장점을 제공한다. 그러나 본 논문에서는 기존에 Ahn 등이 제안한 프로토콜은 태그가 리더와 데이터베이스를 인증 하지 않는 상호인증 문제로 인하여 다양한 공격들에 취약함을 지적하고, 이러한 문제점을 해결한 상호인증을 제공하는 개선된 상호인증 프로토콜을 제안한다.

Keywords

References

  1. K. Finkenzeller, RFID Handbook, John Wiley & Sons, 1999
  2. S A Weis, S Sarma, R Rivest, and D. Engels, "Security and privacy aspects of low-cost radio frequency identification systems", Security In Pervasive Computing 2003, LNCS 2802, pp.201-212, 2004.
  3. S. Junichiro, H. Jae-Cheol, and S. Kouichi, "Enhancing privacy of universal re-encryption scheme for RFID tags," EUC 2004, LNCS 3207, pp.870-890, Springer-Verlag, 2004.
  4. A.Juels and S. A. Weis, "Authenticating pervasive devices with human protocols", Advances in Cryptogloy-Crypto '05, LNCS 3126, pp.293-308, springer, 2005.
  5. S.S Kumar and C. Paar, "Are standards compliant Elliptic Curve Cryptosystems Feasible on RFID?", Proceedings of Workshop on RFID security, Austria, July 2006.
  6. M. Ohkubo, K. Suzuki and S. Kinoshita, "Efficient Hash-Chain Based RFID Privacy Protection Scheme", Privacy Workshop at the Sixth International Conference on Ubiquitous Computing (UbiComp 2004), 2004.
  7. D. Henrici,, P. Muller, "Hash-based Enhancement of Location Privacy for Radio-Frequency Identification Devices using Varying Identifiers", Proc. Second IEEE Annual Conference on Pervasive Computing and Communications Workshops. PERCOMW '04, pp.149-153, 2004.
  8. M. Ohkubo, K. Suzuki, and S. Kinoshita, "A Cryptographic Approach to "Privacy- Friendly" tag", RFID Privacy Workshop, 2003
  9. G. Avoine, P. Oechslin, "A Scalable and. Provably Secure Hash-based RFID Protocol", IEEE PerSec 2005, March 2005.
  10. JeaCheol Ha, JungHoon Ha, SangJae Moon, and Colin Boyd, "LRMAP: Lightweight and Resynchronous Mutual Authentication Protocol for RFID System", Ubiquitous Convergence Technology, 2007.
  11. A. Juels. "Minimalist cryptography for Low-Cost RFID Tags", The Fourth International Conferece on Security in Communication Networks- SCN 2004, LNCS 3352, pp.149-164, 2004.
  12. D. N. Duc, J. park, H. Lee and K. Kim, "Enhancing Security of EPCgloabal Gen-2 RFID Tag against Traceability and Coning", The 2006 Symposium on Cryptography and Information Security, 2006.
  13. A. Juels, "Strenthening EPC Tag against Cloning", ACM Workshop on Wireless Security (WiSe), pp.67-76, 2005.
  14. S. Karthikeyan, and M. Nesterenko, "RFID security without extensive cryptography", Proc. 3rd ACM workshop on Security of ad hoc and sensor networks, pp.63-67, 2005.
  15. H-Y. Chien, and C-H. Chen, "Mutual Authentication Protocol for RFID Conforming to EPC Class 1 Generation 2 Standards", Computers Standard & Interfaces, 29(2), pp.254-259, 2007. https://doi.org/10.1016/j.csi.2006.04.004
  16. J. Bringer, H. chabanne, and E. Dottax, "HB++: A Lightweight Authentication Protocol Secure against Some Attacks", Proc. IEEE Int' Conf Pervasive Service, Workshop Security, Privacy and Trust in Pervasive and Ubiquitous Computing, 2006.
  17. J. Munilla and A.Peinado, "HB-MP:A further step in the HB-family of lightweight authentication protocols", Computer Networks, 51(9): 2262-2267, June 2007. https://doi.org/10.1016/j.comnet.2007.01.011
  18. P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, and A. Ribagorda, "LMAP: A Real Lightweight Low-Cost RFID Tags", Proc. Second Workshop RFID Security, July, 2006.
  19. P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, and A. Ribagorda, "M2AP: A Minimalist mutual-Authentication Protocol for Low-Cost RFID Tags", Proc. Int' Conf Ubiquitous Intelligence and Computing(UIC, 06), pp.912-923, 2006.
  20. P. Peris-Lopez, J.C. Hernandez-Castro, J.M. Estevez-Tapiador, and A. Ribagorda, "EMAP: An Efficient Mutual Authentication Protocol for Low-Cost RFID Tags", Proc. OTM Federated Conf and Workshop: IS Workshop, Nov. 2006.
  21. H.-Y. Chien. "SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity", IEEE Transactions on Dependable and Secure Computing, 4(4), pp.337-340. Oct-Dec, 2007. https://doi.org/10.1109/TDSC.2007.70226
  22. T. Li and R.H. Deng, "Vulnerability Analysis of EMAP-an Effcinet RFID Mutual Authentication Protocol," Proc. Second International Conference, Availability, Reliability, and Security (AReS'07), 2007.
  23. T. Li and G. Wang, "Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols," Proc. 22nd IFIP TC-11 International Information Security Conference, May 2007.
  24. H.-Y. Chien and C.-W. Hung, "Security of Ultra-Lightweight RFID Authentication Protocols and Its Improvements," ACM Operating System Rev, 41(2), pp.83-86, July 2007. https://doi.org/10.1145/1278901.1278916
  25. 신진섭, 박영호, "RFID/USN 에서의 EXOR과 해쉬함수를 이용한 인증 프로토콜," 한국산업 정보학회논문지, 12(20), pp.24-29, 2007.
  26. 권혜진, 이재욱, 전동호, 김순자, "데이터베이 스에서 태그 검색이 쉽고 안전한 RFID 상호 인증 프로토콜," 한국정보보호학회논문지, 18(5), pp. 125-134. 2008.
  27. 안해순, 부기동, 윤은준, 남인길, "RFID/USN 환경을 위한 개선된 인증 프로토콜," 전자공학회논문지, 46(1), 제1호, pp.1-10. 2009.