Browse > Article

A Mutual Authentication Protocol using Key Change Step by Step for RFID Systems  

Chung, Kyung-Ho (경북대학교 컴퓨터공학과 임베디드 시스템 연구실)
Kim, Kyoung-Youl (경북대학교 컴퓨터공학과 임베디드 시스템 연구실)
Oh, Se-Jin (경북대학교 컴퓨터공학과 임베디드 시스템 연구실)
Lee, Jae-Kang (경북대학교 컴퓨터공학과 임베디드 시스템 연구실)
Park, Yong-Soo (경북대학교 컴퓨터공학과 임베디드 시스템 연구실)
Ahn, Kwang-Seon (경북대학교 컴퓨터공학과 임베디드 시스템 연구실)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.35, no.3B, 2010 , pp. 462-473 More about this Journal
Abstract
The RFID system has the security problem of location tracking and user privacy. In order to solve this problem, the cryptographic access method using hash function is difficult to in real applications. Because there is a limit of computing and storage capacity of Tag, but the safety is proved. The lightweight authentication methods like HB and LMAP guarantee the high efficiency, but the safety is not enough to use. In this paper, we use the AES for RFID Authentication, and solve the problem of using fixed key with key change step by step. The symmetric keys of the tag and server are changed by the random number generated by tag, reader and server successively. This could prevent the key exposure. As a result, the output of the tag and reader always changes. These key changes could make it possible to prevent eavesdropping, replay attack, location tracking and spoofing.
Keywords
RFID; AES; Authentication Protocol; Cryptograph; Key Change;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 박용수, 신주석, 최명실, 정경호, 안광선, "해쉬된 태그ID와 대칭키 기반의 RFID 인증프로토콜", 한국정보처리학회논문지, 16(C), 6호, pp.669-680, Dec 2009.   과학기술학회마을   DOI   ScienceOn
2 A. Juels, R. Rivest, and M. Szydlo, "The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy," 8th ACM Conference on Computer and Communications Security, pp. 103-111, Oct 2003.
3 P. Peris-Lopez, J. Hermandez-Castro, J. Estevez-Tapaidor, and A. Ribagorda, "M2AP: A Minmalist Mutual-Authentication Protocol for Low-cost RFID tags," Proceedings of UIC, LNCS 4159, pp.912-923, 2006.
4 P. Peris-Lopez, J. Hermandez-Castro, J. Estevez-Tapaidor, and A. Ribagorda, "EMAP: An Efficient Mutual-Authentication Protocol for Low-Cost RFID Tags," Proceedings of On the Move to Meaningful Internet Systems 2006, pp. 352-261, 2006.
5 권대성, 이주영, 구본욱, "경량 RFID 상호 인증 프로토콜 LMAP, M2AP, EMAP에 대한 향상된 취약성 분석", 정보보안학회논문지, 17(4), pp. 103-113, Aug 2007.   과학기술학회마을
6 T. Li, R. Deng, "Vulnerability Analysis of EMAP," Proceedings of the The Second International Conference on Availability Reliability and Security, pp.238-245, 2007.
7 S. Kinoshita, M. Ohkubo, F. Hoshino, G. Morohashi, O. Shionoiri, and A. Kanai, "Privacy Enhanced Active RFID Tag," 1st International Workshop on Exploiting Context Histories in Smart Environments, 2005.
8 D. Molnar, D. Wagner, "Privacy and Security in Library RFID Issues, Practices, and Architectures," Proceedings of the 11th ACM conference on Computer and communications security, pp.210-219, Oct 2004.
9 CHES2009, "Workshop on Cryptographic Hardware and Embedded Systems," http://www.chesworkshop.org, 2009.
10 B. Toiruul, K. Lee, "An Advanced Mutual Authentication Algorithm Using AES for RFID Systems," International Journal of Computer Science and Network Security, 6(9B), pp. 156-162, Sep 2006.
11 이남기, 장태민, 전병찬, 전진오, 유수봉, 강민섭, "AES 암호 프로세서를 이용한 강인한 RFID 인증 프로토콜 설계", 한국정보처리학회 2008 추계 학술발표대회, 15(2), pp.1473-1476, Nov 2008.
12 G. E. Suh, S. Devadas, "Physical unclonable functions for device authentication and secret key generation," Proceedings of the 44th annual Design Automation Conference, pp.9-14, 2007.
13 A. Juels, "Strengthening EPC Tags Against Cloning," ACM Workshop on Wireless Security, pp.67-76, 2005.
14 S. Weis, S. Sarma, R. Rivest, and D. Engels, "Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems," In Security in Pervasive Computing, LNCS 2802, pp.201-212, 2005.
15 M. Ohkubo, K. Suzuki, and S. Kinoshita, "A Cryptographic Approach to "Privacy-Friendly" tag," RFID Privacy Workshop, 2003.
16 A. Juels, R. Pappu, "Squealing Euros : Privacy protection in RFID-enabled banknotes," Financial cryptography International conference, LNCS 2742, pp.103-123, 2003.
17 P. Golle, M. Jakobsson, A. Juels, and P. Syverson, "Universal Re-encryption for mixnets," RSA Conference Cryptographers Track '04, LNCS 2964, pp.163-178, 2003.
18 M. Feldhofer, C. Rechberger, "A Case Against Currently Used Hash Functions in RFID Protocols," On the Move to Meaningful Internet Systems, LNCS 4277, pp.372-381, 2006.
19 M. Feldhofer, S. Dominikus, and J. Wolkerstorfer, "Strong Authentication for RFID Systems Using the AES Algorithm," Cryptographic Hardware and Embedded Systems, LNCS 3156, pp.85-140, 2004.
20 M. Jung, H. Fiedler and R. Lerch, "8-bit microcontroller system with area efficient AES coprocessor for transponder applications," Ecrypt Workshop on RFID and Lightweight Crypto 2005, pp.32-43, 2005.
21 M. Feldhofer, J. Wolkerstorfer, and V. Rijmen, "AES implementation on a grain of sand," IEEE Proceedings Information Security, 152(4), pp. 13-20, Nov 2005.
22 N. Hopper, M. Blum, "Secure Human Identification Protocols," Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security, LNCS 2248, pp.52-66, 2001.
23 A. Juels, S, Weis, "Authenticating Pervasive Devices with Human Protocols," Advances in Cryptology (CRYPTO 2005), LNCS 3621, pp. 293-308, 2005.
24 P. Peris-Lopez, J. Hermandez-Castro, J. Estevez- Tapaidor, and A. Ribagorda, "LMAP: A Real Leightweight Mutual Authentication Protocol for Low-cost RFID tags," Workshop on RFID security, pp.137-148, July 2006.
25 EPCglobal Inc, "EPC RFID Protocols Class-1 Generation-2 UHF RFID Protocol for Communications at 860MHz-960MHz," Oct, 2008.