[KSCI] Korea Science Citation Index Service

http://dx.doi.org/10.13089/JKIISC.2010.20.2.73

A Secure RFID Search Protocol Protecting Mobile Reader's Privacy Without On-line Server

Lim, Ji-Wwan (Hanyang University)
Oh, Hee-Kuck (Hanyang University)
Kim, Sang-Jin (Korea University of Technology and Education)

Publication Information

Journal of the Korea Institute of Information Security & Cryptology / v.20, no.2, 2010 , pp. 73-90 More about this Journal

Abstract

Recently, Tan et al. introduced a serverless search protocol in which a mobile reader maintains a tag authentication list and authenticates a tag using the list without connecting authentication server. A serverless RFID system is different from general RFID systems which use on-line server models. In the serverless RFID system, since the mobility of a personalized reader must be considered, we have to protect not only the privacy of a tag but also the privacy of a mobile reader. In this paper, we define new security requirements for serverless RFID search system and propose a secure serverless RFID search system. In our system, since tag authentication information maintained by a reader is updated in every session, we can provide the backward untraceability of a mobile reader. Also we use an encrypted timestamp to block a replay attack which is major weakness of search protocols. In addition, we define a new adversary model to analyze a serverless RFID search system and prove the security of our proposed system using the model.

Keywords

Mobile RFID; Serverless RFID Search System; Reader Privacy;

Citations & Related Records

Times Cited By KSCI : 1 (Citation Analysis)

Reference
Cited By KSCI

1	C.C. Tan, B. Sheng, and Q. Li, "Secure and Serverless RFID Authentication and Search Protocols," IEEE Transactions on Wireless Communications, vol. 7, no. 3, pp. 1400-1407, Apr. 2008. DOI
2	A. Bogdanov, G. Leander, C. Paar, and A. Poschmann, "Hash Functions and RFID Tags: Mind the Gap," Proc. of the CHES08, LNCS 5154, pp. 283-299, 2008.
3	A. Juels and S.A. Weis, "Authenticating Pervasive Devices with Human Protocols," Proc. of the CRYPTO05, LNCS 3126, pp. 293-308, 2005.
4	M. Feldhofer, S. Dominikus, and J. Wolkerstorfer, "Strong Authentication for RFID Systems Using the AES Algorithm," Proc. of the CHES04, LNCS 3156, pp. 85-140, 2004.
5	S.I. Ahamed, F. Rahman, E. Hoque, F. Kawsar, and T. Nakajima, "S3PR: Secure Serverless Search Protocols for RFID," Proc. of the ISA08, pp. 187-192, Apr. 2008.
6	T. Won, J. Chun, and D. Lee, "Strong Authentication Protocol for Secure RFID Tag Search Without Help of Central Database," Proc. of the EUC, pp. 153-158, Dec. 2008.
7	임지환, 오희국, 양대헌, 이문규, 김상진, "강화된 사용자 프라이버시를 보장하는 효율적인 RFID 검색 프로토콜," 정보처리학회논문지, 16-C(3), pp. 347-356, 2009년 6월. 과학기술학회마을 DOI ScienceOn

1	RFID Search Protocol based Hash Function for the Privacy of Mobile Reader User / [Park, Mi-Og;] / The Journal of Korean Institute of Next Generation Computing
2	A Low-Cost RFID Tag Search Protocol Preventing the Reuse of Mobile Reader's Tag-List / [Yeo, Don-Gu;Lee, Sang-Rae;Choi, Hyun-Woo;Jang, Jae-Hoon;Youm, Heung-Youl;] / Journal of the Korea Institute of Information Security & Cryptology
3	A Secure RFID Multi-Tag Search Protocol Without On-line Server / [Lee, Jae-Dong;] / Journal of the Korea Institute of Information Security & Cryptology

KSCI

A Secure RFID Search Protocol Protecting Mobile Reader's Privacy Without On-line Server 온라인 서버가 없는 환경에서 이동형 리더의 프라이버시를 보호하는 안전한 RFID 검색 프로토콜

A Secure RFID Search Protocol Protecting Mobile Reader's Privacy Without On-line Server