Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2011.18C.5.331

Improvement of a Verified Secure Key Distribution Protocol Between RFID and Readers  

Bae, Woo-Sik (충북대학교 컴퓨터교육과)
Lee, Jong-Yun (충북대학교 컴퓨터교육과)
Publication Information
The KIPS Transactions:PartC / v.18C, no.5, 2011 , pp. 331-338 More about this Journal
Abstract
The RFID system includes a section of wireless communication between the readers and the tags. Because of its vulnerability in terms of security, this part is always targeted by attackers and causes various security problems including the leakage of secret and the invasion of privacy. In response to these problems, various protocols have been proposed, but because many of them have been hardly implementable they have been limited to theoretical description and theorem proving without the accurate verification of their safety. Thus, this study tested whether the protocol proposed by Kenji et al. satisfies security requirements, and identified its vulnerabilities such as the exposure of IDs and messages. In addition, we proposed an improved RFID security protocol that reduced the number of public keys and random numbers. As one of its main characteristics, the proposed protocol was designed to avoid unnecessary calculations and to remove vulnerabilities in terms of security. In order to develop and verify a safe protocol, we tested the protocol using Casper and FDR(Failure Divergence Refinements) and confirmed that the proposed protocol is safe in terms of security. Furthermore, the academic contributions of this study are summarized as follows. First, this study tested the safety of a security protocol through model checking, going beyond theorem proving. Second, this study suggested a more effective method for protocol development through verification using FDR.
Keywords
RFID Security; Security Protocol; Privacy; Formal Validation; Key Distribution;
Citations & Related Records
Times Cited By KSCI : 5  (Citation Analysis)
연도 인용수 순위
1 김주배, 김현석, 최진영. "스마트카드 기반 키분배 인증프로토콜의 정형 검증" 정보과학회 2008 추계학술발표회 35권 2(D)호, pp.46-49, 2008.
2 G. Lowe. "Casper: A compiler for the analysis of security protocols." User Manual and Tutorial. Version 1.12 2009.
3 김일곤, 전철욱, 김현석, 최진영, 강인혜. "보안 프로토콜의 안전성 분석을 위한 정형적방법론" 정보보호학회논문지, 15(1), pp.17-27, 2005.
4 C. Kraetzer, "Modelling Watermark Communication Protocols using the CASPER Modelling Language" Proceedings of the 12th ACM workshop on Multimedia and security. pp.107-116, 2010.
5 Oxford University Computing Laboratory. FDR2 User Manual, 19th October, 2010.
6 Mihai-Lica Pura, Victor Valeriu Patriciu, Ion Bica, "Formal Verification of G-PAKE Using Casper/FDR2-Securing a Group PAKE Protocol Using Casper/FDR2". SECRYPT 2010: 299-303.
7 C.A.R Hoare. Communicating Sequential Processes. Prentice-Hall. 1985.
8 Hung-Yu Chien and Chen-Wei Huang. "A Lightweight Authentication Protocol for Low-Cost RFID", Springer Science + Business Media, LLC. Manufactured in The United States, 2008.
9 Shijie Zhou, Zhen Zhang, Zongwei Luo and Edward C. Wong. "A lightweight anti-desynchronization RFID authentication protocol", Springer Science + Business Media, LLC 2009.
10 이근우, 오동규, 곽진, 오수현, 김승주, 원동호 "분산 데이터베이스 환경에 적합한 Challenge-response 기반의 안전한 RFID인증 프로토콜", 한국정보처리학회논문지C, 제12-C권, 제3호, pp.309-316, 2005.
11 안해순, 부기동, 윤은준, 남인길 "강력한 보안성을 제공하는 RFID 상호 인증 프로토콜" 정보처리학회논문지C, 제16-C권, 제3호, pp.325-334, 2009.   과학기술학회마을   DOI   ScienceOn
12 원태현, 유영준, 천지영, 변진욱, 이동훈 "온라인 백-엔드 데이터베이스가 없는 안전한 RFID 상호 인증 프로토콜", 정보보호학회논문지, 제20권, 제1호, pp.63-72, 2010.   과학기술학회마을
13 박용수, 신주석, 최명실, 정경호, 안광선 "해시된 태그ID와 대칭키 기반의 RFID 인증프로토콜"정보처리학회논문지C, 제16-C권, 제6호, pp.669-680, 2009.
14 S. E. Sarma, S. A. Weis, D. W. Engels. "RFID systems, Security & Privacy Implications", White Paper MIT-AUTOID-WH-014, MIT AUTO-ID CENTER, 2002.
15 K. Imamoto and K. Sakurai, "Design and Analysis of Diffie-Hellman Based Key Exchange Using ID by SVO Logic",Proc. Electronic Notes in Theoretical Computer Science 2005.
16 Yu Tian-tian, Feng Quan-yuan, "A Security RFID Authentication Protocol Based on Hash Function," ieec, pp.804-807, 2009 International Symposium on Information Engineering and Electronic Commerce, 2009.
17 He Lei, Gan Yong, Sun Tong, Wang Peng-yuan, "A Revised Efficient Authentication Protocol for Low-Cost RFID System," iitaw, pp.116-118, 2009 Third International Symposium on Intelligent Information Technology Application Workshops, 2009.
18 S. A. Weis, S. E. Sarma, R. L. Rivest, and D. w. Engels, "Security and Privacy Aspects of Low-cost Radio Frequency Identification Systems," Security in Pervasive Computing 2003, LNCS 2802, pp.201-202, Springer-Verlag Heidelderg, 2004.   DOI   ScienceOn
19 S. A. Weis, "Security and Privacy in Radio-Frequency Identification Devices" MS Thesis, MIT.May, 2003.