Browse > Article
http://dx.doi.org/10.7840/kics.2016.41.5.581

Security Analysis and Improvements of Authentication Protocol for Privacy Protection in RFID Systems  

Kim, Jiye (College of Information & Communication Engineering, Sungkyunkwan University)
Won, Dongho (College of Information & Communication Engineering, Sungkyunkwan University)
Publication Information
The Journal of Korean Institute of Communications and Information Sciences / v.41, no.5, 2016 , pp. 581-591 More about this Journal
Abstract
RFID(Radio Frequency IDentification) is a key technology in ubiquitous computing and is expected to be employed in more fields in the near future. Nevertheless, the RFID system is vulnerable to attacks by eavesdropping or altering of the messages transmitted in wireless channels. In 2013, Oh et al. proposed a mutual authentication protocol between a tag and a reader in RFID systems. Their protocol is designed to resist location tracking for privacy protection. However, all tags and readers use only one network-wide key in their protocol and tags are usually vulnerable to physical attacks. We found that their protocol is still vulnerable to tag/reader impersonation attacks and location tracking if an attacker obtains the network-wide key from a tag. In this paper, we propose a security improved authentication protocol for privacy protection in RFID systems. In addition, we demonstrate that the proposed scheme is efficient in terms of computation and communication costs.
Keywords
RFID(Radio Frequency IDentification); Security; Privacy; Authentication Protocols;
Citations & Related Records
Times Cited By KSCI : 8  (Citation Analysis)
연도 인용수 순위
1 R. S. Ahn, E. J. Yoon, K. D. Bu, and I. G. Nam, "Secure and efficient DB security and authentication scheme for RFID system," J. KICS, vol. 36, no. 4C, pp. 197-206, Nov. 2011.   DOI
2 D. H. Jeon, H. M. Kim, H. J. Kwon, and S. J. Kim, "Hash-based mutual authentication protocol for RFID environment," J. KICS, vol. 35, no. 1B, pp. 42-52, Oct. 2010.
3 K. Rhee, J. Kwak, S. Kim, and D. Won, "Challenge-response based RFID authentication protocol for distributed database environment," Security in Pervasive Computing, Springer, vol. 3450, pp. 70-84, Boppard, Germany, 2005.
4 J. S. Kim, J. K. Park, and Y. T. Shin, "RFID-Based automatic inspection system design and implementation for manufacturing and retail industry," J. KICS, vol. 39, no. 1C, pp. 97-105, Jan. 2014.
5 S. Oh, C. Lee, T. Yun, K. Chung, and K. Ahn, "Improved authentication protocol for privacy protection in RFID systems," J. KICS, vol. 38, no. 1, pp. 12-18, Jan. 2013.
6 E. J. Yoon and K. Y. Yoo, "Patient authentication system for medical information security using RFID," J. KICS, vol. 35, no. 6B, pp. 962-969, Jun. 2010.
7 W. Che, S. Kim, Y. Kim, T. Yun, K. Ahn, and K. Han, "Design of PUF-Based encryption processor and mutual authentication protocol for Low-Cost RFID authentication," J. KICS, vol. 39, no. 12B, pp. 831-841, Dec. 2014.
8 S. A. Weis, S. E. Sarma, R. L. Rivest, and D. W. Engels, "Security and privacy aspects of low-cost radio frequency identification systems," Security in Pervasive Computing, Springer, pp. 201-212, Boppard, Germany, 2004.
9 W. S. Bae, "Design of an authentication protocol for privacy protection in RFID systems," J. Digital Policy and Management, vol. 10, no. 3, pp. 155-160, Apr. 2012.
10 K. H. Chung, K. Y. Kim, S. J. Oh, J. K. Lee, Y. S. Park, and K. S. Ahn, "A mutual authentication protocol using key change step by step for RFID systems," J. KICS, vol. 35, no. 3B, pp. 462-473, Mar. 2010.
11 B. Toiruul, K. O. Lee, H. J. Lee, Y. H. Lee, and Y. Y. Park, "Mutual-authentication mechanism for RFID systems," Mobile Ad-hoc and Sensor Networks, Springer, pp. 449-460, Hong Kong, China, Dec. 2006.
12 A. Juels, "RFID security and privacy: A research survey," IEEE J. Sel. Areas in Commun., vol. 24, no. 2, pp. 381-394, 2006.   DOI
13 S. E. Sarma, S. A. Weis, and D. W. Engels, "RFID systems and security and privacy implications," Cryptographic Hardware and Embedded Systems-CHES 2002, Springer, pp. 454-469, Redwood Shores, CA, USA, Aug. 2002.
14 J. Saito, J. C. Ryou, and K. Sakurai, "Enhancing privacy of universal re-encryption scheme for RFID tags," Embedded and Ubiquitous Computing, Springer, pp. 879-890, Aizu-Wakamatsu City, Japan, Aug. 2004.
15 S. Kim, K. Lee, S. Kim, and D. Won, "Security analysis on anonymous mutual authentication protocol for RFID tag without back-end database and its improvement," World Acad. Sci. Eng. Technol., vol. 59, pp. 460-464, Nov. 2009.
16 K. Rhee, J. Kwak, W. S. Yi, C. Park, S. Park, H. Yang, S. Kim, and D. Won, "Efficient RFID authentication protocol for minimizing RFID tag computation," Advances in Hybrid Inf. Technol., Springer, pp. 607-616, Jeju Island, Korea, Nov. 2006.
17 M. Aigner and M. Feldhofer, "Secure symmetric authentication for RFID tags," Telecommun. Mob. Comput., Graz, Austria, 2005.