Browse > Article
http://dx.doi.org/10.13089/JKIISC.2010.20.4.89

A Random ID-based RFID Mutual authentication protocol for detecting Impersonation Attack against a back-end server and a reader  

Yeo, Don-Gu (Soonchunhyang University)
Lee, Sang-Rae (Soonchunhyang University)
Jang, Jae-Hoon (Soonchunhyang University)
Youm, Heung-Youl (Soonchunhyang University)
Publication Information
Journal of the Korea Institute of Information Security & Cryptology / v.20, no.4, 2010 , pp. 89-108 More about this Journal
Abstract
Recently many mutual authentication protocol for light-weight hash-based for RFID have been proposed. Most of them have assumed that communications between a backend server and reader are secure, and not considered threats for backend server and RFID reader impersonation. In the real world, however, attacks against database or reader are more effective rather than attacks against RFID tag, at least from attacker's perspective. In this paper, we assume that all communications are not secure to attackers except the physical attack, and considering realistic threats for designing a mutual authentication protocol based on hash function. And It supports a mutual authentication and can protect against the replay attack, impersonation attack, location tracking attack, and denial of service attack in the related work. We besides provide a secure and efficient RFID mutual authentication protocol which resists impersonation attacks on all of the entities and alow a backend server to search tag-related information efficiently. We conclude with analyzing the safety and efficiency among latest works.
Keywords
Hash-based RFID; Random ID; Mutual Authentication; Self-depence;
Citations & Related Records
Times Cited By KSCI : 5  (Citation Analysis)
연도 인용수 순위
1 염용진, ''RFID시스템을 위한 암호 기술 동향," 정보통신연구진흥원 학술정보-주간기술동향", 1223, 2005년 11월.
2 International Telecommunication Union. "The 5th revised text on ITU-T X. usnsec-1 ISO/lEC CD 29180: Security framework for ubiquitous sensor network," ITU-T SG17, 942-PLEN, Apr. 2010.
3 International Telecommunication Union, "Threats and requirements for protection of personally identifiable information in applications using tag-based identification," ITU-T SG17, X.1171, Feb. 2009.
4 김익수, "효율성을 고려한 해쉬 함수 기반의 안전한 RFID인증 프로토콜", 한국통신학회논문지, 34(4), pp. 428-434, 2009년 4월.   과학기술학회마을
5 임지환, 오희국, 김상진, "동기화 문제를 해결한 새로운 동적 아이디기반 RFID 상호 인증 프로토콜," 정보처리학회논문지, 15-C(6), pp. 469-480, 2008년 12월.   과학기술학회마을
6 G.Avoine, C.Lauradoux, and T.Martin, "When Compromised Readers Meet RFID." 10th International Workshop. WISA 2009, LNCS 5932, pp. 36-50, Aug. 2009.
7 하재철, 백이루, 김환구, 박제훈, 문상재, "해쉬함수에 기반한 경량화된 RFID 인증 프로토콜," 한국정보보호학회논문지, 19(3), pp. 61-72, 2009년 6월.   과학기술학회마을
8 M. Burmester, B. Medeiros and R. Motta, "Provably Secure Grouping-Proofs for RFID Tags," Proceeding in 8th IFIP WG 8.8/11.2 International Conference (CARDIS), vol. 5189, pp. 176-190, Sep. 2008.
9 T. Dimitriou, "A secure and Efficient RFID Protocol that could make Big Brother (partially) Obsolete," Proceedings of 4th Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06), pp. 270-275, Mar. 2006.
10 S.A. Weis, S.E. Sarma, R.L. Rivest and D.W. Engels, "Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems," First International Conference on Security in Pervasive computing, pp. 50-59, 2004.
11 E.J. Yoon, K.Y. Yoo, "Two Security Problems of RFID Security Method with Ownership Transfer," Proceeding in 2008 IFIP International Conference on Network and Parallel Computing, pp. 68-73, Oct. 2008.
12 National Institute of Standards and Technology, "Guidelines for Securing Radio Frequency Identification (RFID)," Natl. Inst. Stand. Technol. Spec. Pub. 800-98, Apr. 2007.
13 K.Rhee, J. Kwak, S. Kim, and D. Won, "Challenge-Response Based RFID Authentication, Protocol for Distributed Database Environment," Proceedings of Second International Conference, SPC 2005, pp. 70-84, Apr. 2005.
14 M. Reldhofer, J. Wolkerstorfer, "Strong Crypto for RFID Tags - A Comparison of Low-Power Hardware Implementations," Proceedings of IEEE International Symposium on In Circuits and Systems (ISCAS'07), pp. 1839-1842, May. 2007.
15 김진호, 서재우, 이필중, "저비용 RFID시스템에 적합한 효율적인 인증 방법," 정보보호학회논문지, 18(2), pp. 117-128, 2008년 4월.   과학기술학회마을
16 T. Good, M. Benaissa, ''A low-frequency RFID to challenge security and privacy concerns," Proceedings of IEEE 6th International Conference on Mobile Adhoc and Sensor Systems (MASS'09), pp. 856-863, Oct. 2009.
17 M. Kim, J. Ryou, Y. Choi and S. Jun, "Low-cost Cryptographic Circuits for authentication in Radio Frequency Identification Systems," Proceedings of International symposium on Consumber Electronics (ISCE'06), pp. 1-5, Jun. 2007.
18 A.Juels, R.L.Rivest, M.Szydlo, "The Blocker Tag: Selective Blocking of RFID Tags for Consumer Privacy," 10th ACM Computer and Communications Security Conference (CCS'03), pp. 103-111, Oct. 2003.
19 안해순, 부기동, 윤은준, 남인길, "RFID/USN 환경을 위한 개선된 인증 프로토콜," 전자공학회논문지, 46(1), pp. 1-10, 2009년 1월.   과학기술학회마을
20 신진섭, 박영호, "RFID/USN에서의 EXOR과 해쉬 함수를 이용한 인증 프로토콜," 한국산업정보학회논문지, 12(2), pp. 24-29, 2007년 6월.