• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.16 no.9
• /
• pp.1963-1969
• /
• 2012

Recently use of RFID(Radio Frequency Identification) tends to be rapidly increased and will be also extended throughout the whole life. Using radio-frequency data can be recognized automatically in the RFID system is vulnerable to personal information protection or security. And passive tags have a hardware problem is the limit for applying cryptographic. This paper presents an authentication protocol using AES and Nounce. After completing mutual authentication server to access and strengthen security vulnerability to the use of the Nounce, because safety in denial of service attacks.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.71-82
• /
• 2005

Though there are many authentication protocols for RFID system, only a few protocols support location privacy. Because of tag's hardware limitation, these protocols suffer from many security threats, especially from DoS (Denial of Service) attack. In this paper, we explain location privacy problem and show vulnerabilities of RFID authentication protocols. And then, we suggest an authentication protocol that is strong against location tracing, spoofing attack and DoS attack

• Proceedings of the IEEK Conference
• /
• 2005.11a
• /
• pp.1113-1116
• /
• 2005

최근들어 Radio Frequency Identification(RFID) 태그가 다수의 상품에 부착되고 여러 분야에 적용되기 시작했지만, 편리성이나 비용문제로 인해 인증과 암호화 같은 보안기능은 적용되지 않고있다. 보안 기능이 없는 RFID 시스템은 개인정보 노출, 불법 리더의 접근, 위조 태그의 남용과 같은 심각한 부작용을 초래하지만, 태그 자원의 제약으로 인해 보안기능을 적용하기가 쉽지않다. 현재 여러 기술을 따르는 RFID 시스템 중 EPCglobal 의 EPC Class 1 Generation 2(C1G2) 는 산업계의 여러 분야에서 특히, supply-chain 모델에서 사실상 국제표준으로 여겨진다. 본 논문에서는, RFID 보안 프로토콜 중 EPC C1G2 메커니즘의 Inventory 과정에서 태그가 리더를 인증하는 기법을 제안한다. C1G2 시스템에서는 인증되지 않은 리더의 태그 액세스가 가능한데, 이는 태그의 리더 인증으로서 차단될 수 있다. 또한, EPC C1G2 태그-리더 간의 상호인증 기법을 제안한다. 이 과정에서 태그 ID 는 노출되지 않고 전송되며, 태그 인증을 통해 태그 위변조를 방지할 수도 있다. 제안 메커니즘은 태그를 식별하는 절차에서 인증을 위해 프로토콜 패스 수의 증가가 없다. 다만 리더와 태그에서 Inventory 과정의 ACK command 와 태그의 reply 구현에 약간의 수정을 필요로 한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.30 no.6C
• /
• pp.593-600
• /
• 2005

Recently, RFID system is a main technology to realize ubiquitous computing environments. Because RFID system that is an automatic identification technology using radio frequency is a system to read and write the data of the entity. Therefore, many companies are interested in RFID system to reduce supply chain management and inventory control cost. However, for providing secure service, RFID authentication technology secure against tracking by an adversary is researched first. In this paper, we proposed security level based RFID authentication protocol providing reduce computational and communicational workload in the back-end database. The proposed protocol is secure against reply attack, spoofing attack, traffic analysis, and location privacy, since the proposed protocol based on the security of the hash function.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.10B
• /
• pp.1013-1020
• /
• 2009

This paper proposes an authentication protocol using the key server in the ECPglobai RFID system. The proposed authentication protocol uses the key server and the time-out mechanism to resist various attacks including DoS(Denial of Service) attack. For easy implementation, the proposed protocol also uses the function existing in EPCglobal class 1 gen2 protocol without additive function such as hash function. The proposed protocol is evaluated through two analytical methods. The correctness of the proposed protocol is proved using the GNY analysis. By the security analysis, this paper showed that the proposed protocol is resistant to various attacks including DoS attack. The analytical results demonstrated that the proposed protocol offered a secure RFID system.

• Journal of KIISE:Information Networking
• /
• v.36 no.2
• /
• pp.90-97
• /
• 2009

In 2008, Kim-Jun proposed a RFID mutual authentication protocol using one-time random number that can withstand malicious attacks by the leakage of important information and resolve the criminal abuse problems. Through the security analysis, they claimed that the proposed protocol can withstand various security attacks including the replay attack. However, this paper demonstrates that Kim-Jun' s RFID authentication protocol still insecure to the replay attack. In addition, this paper also proposes a simply improved RFID mutual authentication protocol using one-time random number which not only provides same computational efficiency, but also withstands the replay attack.

• Journal of Advanced Navigation Technology
• /
• v.13 no.5
• /
• pp.691-698
• /
• 2009

Chen et al. proposed a RFID authentication protocol for anti-counterfeiting and privacy protection. A feasible security mechanism for anti-counterfeiting and privacy protection was proposed using XOR and random number shifting operations to enhance RFID tag's security providing a low cost. However, their authentication protocol has some drawbacks and security problems because they did not consider the surrounding environments. We conduct analysis on the protocol and identify problematic areas for improvement of the research. We also provide enhanced authentication and update scheme based on the comment for efficient supply chain management. The proposed protocol was analyzed and compared with typical XOR based RFID authentication protocols and it was confirmed that our protocol has high safety and low communication cost.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2006.05a
• /
• pp.1019-1022
• /
• 2006

본 논문에서는 RFID Tag을 위한 개선된 인증 프로토콜의 설계 및 검증에 관하여 기술한다. 제안한 프로토콜은 ISO/IEC 18000 standard를 기본으로하고 있으며, 강인한 인증을 위해 표준 프로토콜 frame format 을 수정한다. 상호 인증을 위해 three-way challenge response 프로토콜을 사용하며, 인증 알고리듬은 SHA-1이 추가되었다. 제안한 프로토콜의 검증을 위해 Xilinx ISE 6.2i 툴을 사용하여 RFID Tag의 디지털 part를 설계하였고, Virtex Xcv4000 FPGA 를 타겟으로 합성을 수행하였다. RFID Tag의 디지털 part는 Mentor's Modelsim을 이용하여 시뮬레이션을 수행하였고, 동작속도는 약 75MHz를 가지며, 1290개의 슬라이스가 사용되었다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2005.11a
• /
• pp.889-892
• /
• 2005

유비쿼터스 환경의 센서 네트워크의 보안요소를 살펴보면 센서의 위치, 저전력에 적합한 암호 프리미티브, 초경량의 상호 인증 메커니즘 등이 있다. 그 중 기존의 RFID/USN 환경에서의 식별 및 인증 메커니즘 기법을 살펴보고 RFID/USN 환경에 적합한 상호 인증 메커니즘의 공통된 보안기능요구사항을 본 논문에서는 도출/제시한다. 그리고 RFID/USN 환경에서의 상호인증 기법을 한국정보보호진흥원에서 개발한 평가결과 자동생성도구를 이용하여 실제 검증 평가한다.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.9 no.10
• /
• pp.1145-1152
• /
• 2014

The RFID (Radio-Frequency Identification) system is a technology to discern things by radio and an epoch-making new method to improve product management such as distribution, transport, mobilization, inventory control. However, RFID, which uses radio, is at risk for information leakage and falsification due to the vulnerability of security of the communication section. We designed the new authentication protocol by applying the tent map, which is the representative complex systems, to the RFID communication system. A more solid and simple authentication system was designed by applying the initial value sensitivity and irregularity, which are the representative characteristics of the complex system, to the reader and tag of RFID. The purpose of this paper is to verify the usability of the RFID authentication protocol design that uses the nonlinear system shown in this thesis by the new system differentiated from the authentication system that depends on the existing hash function or random numbers.