• ETRI Journal
• /
• v.35 no.1
• /
• pp.170-172
• /
• 2013

With the rapid progress of RFID security technologies, the international standard group ISO/IEC JTC 1/SC 31 is developing a few security technologies for RFID systems. One of the initial proposals is ISO/IEC working draft (WD) 29167-6. Recently, Song and others stated that Protocol 1 of ISO/IEC WD 29167-6 is vulnerable to a malicious adversary. However, their analysis comes from a misunderstanding regarding a communication parameter called Handle. In this letter, we point out that an adversary cannot obtain any sensitive information from intervening in Protocol 1.

• ETRI Journal
• /
• v.36 no.1
• /
• pp.141-150
• /
• 2014

A fully integrated CMOS security-enhanced passive (SEP) tag that compensates the security weakness of ISO/IEC 18000-6C is presented in this paper. For this purpose, we propose a security-enhanced protocol that provides mutual authentication between tag and reader. We show that the proposed protocol meets the security demands of the ongoing international standard for RFID secure systems, ISO/IEC 29167-6. This paper fabricates the SEP tag with a 0.18-${\mu}m$ CMOS technology and suggests the optimal operating frequency of the CMOS SEP tag to comply with ISO/IEC 18000-6C. Furthermore, we measure the SEP tag under a wireless environment. The measured results show that communications between the SEP tag and reader are successfully executed in both conventional passive and SEP modes, which follow ISO/IEC 18000-6C and the proposed security enhanced protocol, respectively. In particular, this paper shows that the SEP tag satisfies the timing link requirement specified in ISO/IEC 18000-6C.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.4
• /
• pp.117-134
• /
• 2010

A passive RFID tag which received attention as a future technology for automatic and quick identification faces some difficulties about security problems such as tag authentication, reader authentication, data protection, and untraceability in addition to cost and reliable identification. A representative passive RFID technology is the ISO/IEC 18000-6 Type C which is an international standard for 900 MHz UHF-band. This standard has some difficulties in applying to the security services such as originality verification, tag's internal information protection, and untraceability, because it does not provide high-level security solution. In this paper, we summarize security requirements of ISO/IEC ITC 1/SC 31 international standardization group, propose security protocols suitable for the UHF-band passive RFID system using a crypto engine, and analyze its security strength. In addition, we verify that it is possible to implement a tag conforming with the proposed security protocols by presenting concrete command/response pairs and cryptographic method.