Browse > Article
http://dx.doi.org/10.13089/JKIISC.2008.18.6A.63

Efficient Mutual Authentication Protocol Suitable to Passive RFID System  

Won, Tae-Youn (Graduate School of Information Management and Security, Korea University)
Chun, Ji-Young (Graduate School of Information Management and Security, Korea University)
Park, Choon-Sik (The Attached Institute of ETRI)
Lee, Dong-Hoon (Graduate School of Information Management and Security, Korea University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.18, no.6A, 2008 , pp. 63-73 More about this Journal
Abstract
RFID(Radio Frequency IDentification) system is an automated identification system that basically consists of tags and readers and Back-End-Databases. Tags and Readers communicate with each other by RF signal. As a reader can identify many tags in contactless manner using RF signal, RFID system is expected to do a new technology to replace a bar-code system in supply-chain management and payment system and access control and medical record and so on. However, RFID system creates new threats to the security of systems and privacy of individuals, Because tags and readers communicate with each other in insecure channel using RF signal. So many people are trying to study various manners to solve these problems against attacks, But they are difficult to apply to RFID system based on EPCglobal UHF Class-1 Generation-2 tags. Recently, Chien and Chen proposed a mutual Authentication protocol for RFID conforming to EPCglobal UHF Class-1 Generation-2 tags. we discover vulnerabilities of security and inefficiency about their protocol. Therefore, We analyze vulnerabilities of their protocol and propose an efficient mutual authentication protocol that improves security and efficiency.
Keywords
RFID; Gen2; Privacy Problem; Security; Exhaustive Search; Bloom Filter;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 EPCglobal Inc., "Radio Frequency Identity Protocols Class-1 Generation-2 UHF RFID Protocol for Communications at 860 MHz- 960MHz Version 1.0.9., http://www.EPCgloballinc. org
2 A. Juels, "Strengthening EPC tag against cloning", To Appear in the Proceedingsof WiSe '05, 2005XfR
3 J. Yang, J. Park, H. Lee, K. Ren, K. Kim, "Mutual authentication protocol for low-cost RFID", Handout of the Ecrypt Workshop on RFID and Lightweight Crypto, 2005
4 김진호, 서재우, 이필중, "저비용 RFID 시스템에 적합한 효율적인 인증 방법", 2008년 정보보호학회논문지, 18권, 제 2호, 2008, pp. 117-128   과학기술학회마을
5 원태연, 천지영, 최은영, 이동훈, "RFID 보안시스템에서 전수조사 방식에 대한 성능테스트", 2007년도 정보보호학회 동계학술대회, vol. 17, no. 2, 2007, pp. 203-206
6 J. Yang, K. Ren, K. Kim, "Security and privacy on authentication protocol for low-cost radio", The 2005 Symposium on Cryptography and Information Security, 2005
7 K. Rhee, J. Kwak, S. Kim, D. Won, "Challengeresponse based RFID authentication protocol for distributed database environment", International Conference on Security in Pervasive Computing .SPC 2005, 2005, pp. 70-84
8 Andrei broder and Michael Mitzenmacher, "Network Applications of Bloom Filters : A Survey", Internet Mathematics, vol 1, no 4, 2004, pp 485-509(SAC), 2005   DOI
9 D.N. Duc, J. Park, H. Lee, K. Kim, "Enhancing security of EPCglobal GEN-2 RFID tag against traceability and cloning", The 2006 Symposiumon Cryptography and Information Security, 2006
10 A. Juels, "RFID Security and Privacy: A Research Survey", IEEE Journal, Vol. 24, Issue:2, pp. 381-394, 2006
11 A.D. Henrici, P. MAuller, "Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers", In theProceedings of PerSec'04 at IEEE PerCom, 2004, pp. 149-153xXfR
12 S. Karthikeyan, M. Nesterenko, "RFID security without extensive cryptography", Proceedings of the 3rd ACM Workshop on Security of AdHoc and Sensor Networks, 2005, pp. 63-67
13 S.A. Weis, S.E. Sarma, R.L. Rivest, D.W. Engels, "Security and privacy aspects of lowcost radio frequency identification systems", The Proceedings of the First Security in Pervasive Computing, LNCS, vol. 2802, 2003, pp. 201-212
14 김진호, 서재우, 이필중, "멤버쉽 테스트를 이용한 RFID 인증 프로토콜", 2007년도 정보보호학회 하계학술대회, vol. 17, no. 1, 2007, pp. 93-98
15 H.Y. Chien and Che-Hao Chen, "Mutual Authentication Protocol for RFID Conforming to EPC Class 1 Generation 2 Standards", In Computer Standards & Interfaces, 2006
16 M. Ohkubo, K. Suzki, S. Kinoshita, "Cryptographic approach to 'privacyfriendly' tags", RFID Privacy Workshop, 2003
17 D. Molnar, D. Wagner, "Privacy and security in library RFID: issues, practices, and architectures", Conference on Computer and Communications Security .CCS'04, 2004, pp. 210-219
18 S. A. Weis, "Security and privacy in radiofrequency identification devices", Masters Thesis MIT, 2003