Browse > Article
http://dx.doi.org/10.7840/KICS.2011.36B.8.1028

Privacy Preserving and Relay Attack Preventing Multi-Context RFID Mutual Authentication Protocol  

Ahn, Hae-Soon (대구대학교 기초교육원 컴퓨터과정)
Yoon, Eun-Jun (경북대학교 전자전기컴퓨터학부)
Nam, In-Gil (대구대학교 컴퓨터.IT공학부)
Abstract
Recently, Selim et al proposed public key cryptography based privacy preserving multi-context RFID authentication protocol. However Selim et al's proposed protocol not only doesn't fit into passive tag based RFID system because it uses public key based encryption algorithm to perform authentication between reader and tag, but also is insecure to an impersonation attack because it doesn't provide mutual authentication. In order to eliminate the above described efficiency problem and security vulnerabilities, this paper proposes a new multi-context RFID mutual authentication protocol that can prevent privacy invasion and tag impersonation attack through providing mutual authentication between single passive tag which is located different application space and readers which provide multi-context purposes and can secure against relay attack and denial-of-service attack. As a result, the proposed protocol performs secure mutual authentication based on the collected space and time information from the RFID reader and provides strong security and high computation efficiency because if performs secure one-way hash function and symmetric encryption operations suitable to the environments of passive RFID tags.
Keywords
RFID; authentication; multi-context privacy; hash function; public key; relay attack;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 J. Yang, J. Park, H. Lee, K. Ren, and K. Kim, "Mutual authentication protocol for low-cost RFID", Handout of the Encrypt Workshop on RFID and Lightweight Crypto, 2005.
2 R. Winternitz, "A secure one-way hash function built from DES," In Proceedings of the IEEE Symposium on Information Security and Privacy, IEEE Press, pp.88-90, 1984.
3 K.Finkenzeller, "RFID handbook: fundamentals and applications in Contactless smart cards and identification", (2nd ed.), Munich, Germany: Wiley, 2003.
4 M.S. Hwang, I.C. Lin, and L.H. Li. A Simple Micro-payment Scheme, The Journal of Systems and Software, Vol.55 pp.221-229, 2001.   DOI   ScienceOn
5 S. A. Weis, S. Sarma, R. Rivest, D. Engels, "Security and privacy aspects of low-cost radio frequency identification systems," Security in Pervasive Computing 2003, LNCS 2802, pp.201-212, Springer-Verlag, 2004.
6 Weis, S. et al, "Security and Privacy in Radio-Frequency Identification Devices", Massachusetts Institute of Technology, 2003.
7 A. Juels and R. Pappu, "Squealing euros: privacy protection in RFID-enabled banknotes," In proceedings of Financial Cryptography- FC'03, Vol.2742 LNCS, pp.103-121, Springer- Verlag, 2003.
8 Selim Volkan Kaya, Erkay Savas, Albert Levi and Ozgur Ercetin. Public key cryptography based privacy preserving multi-context RFID infrastructure. Ad Hoc Networks, volume 7, pages 136-152, 2009.   DOI   ScienceOn
9 ISO 14443. Identification cards-Contactless integrated circuit cards-Proximity cards. International Organization for Standardization, Geneva.
10 M. Feldhofer, S. Dominikus, J. Wolkerstorfer, Strong authentication for RFID systems using the AES algorithm, in: M. Joye, J.J. Quisquater (Eds.), CHES 2004, LNCS, vol. 3156, Springer-Verlag, 2004, pp.357-370.
11 S. E. Sarma, S. A. Weis, D. W. Engels. "RFID systems, security & privacy implications," White Paper MIT-AUTOID-WH_014, MIT AUTO-ID CENTER, 2002.
12 S. Junichiro, H. Jae-Cheol and S. Kouichi, "Enhancing privacy of universal re-encryption scheme for RFID tags," EUC 2004, Vol. 3207 LNCS, pp.879-890, Springer-Verlag, 2004.
13 S. Garfinkel and B. Rosenberg, "RFID applications, security, and privacy", Boston, USA: Addison-Wesley, 2005.
14 T. Cao and P. Shen, "Cryptanalysis of two RFID authentication protocols", International journal of network security, In press, 2008.
15 ISO 15693. Identification cards - Contactless integrated circuit cards-Vicinity cards. International Organization for Standardization, Geneva.
16 Choi, Eun Young and Lee, Su Mi and Lee, Dong Hoon, "Efficient RFID Authentication protocol for Ubiquitous Computing Environment" In International Workshop on Security in Ubiquitous Computing Systems - secubiq 2005, Volume 3823 LNCS, pp.945-95.
17 M. Ohkubo, K. Suzuki, and S. Kinoshita, "Hash-chain based forward-secure privacy protection scheme for low-cost RFID," Proceedings of the SCIS 2004, pp.719-724, 2004.
18 J.E. Bardram, R.E. Kjaer and M.O. Pedersen. Context-aware user authentication-Supporting proximity-based login in pervasive computing, UbiComp 2003, LNCS 2864, pp.107-123, Spring-Verlag 2003.
19 S.Shepard, "RFID: Radio Frequency Identification", New York, USA: Mc Graw Hill, 2005.
20 안해순, 부기동, 윤은준, 남인길, "RFID/USN 환경을 위한 개선된 인증 프로토콜," 전자공학회논문지, 제46권, 제CI-1호, pp.1-10, 2009.
21 I. Satoh. Location-based services in ubiquitous computing environments, Service-Oriented Computing-ICSOC 2003, Springer-Verlag LNCS 2910, pp.527-42, November 2003.
22 L.Srivastava, "Ubiquitous network societies: The case of Radio Frequency Identification, background paper", International telecommunication union (ITU)new initiatives workshop on ubiquitous network societies, Geneva, Switzerland, 2005.