• Journal of Korea Society of Industrial Information Systems
• /
• v.12 no.2
• /
• pp.24-29
• /
• 2007

The essential factor of ubiquitous is security technology to properly prepare making possible network access, economic and convenient information exchange. This paper proposes an authentication protocol for RFID as one technology to realize such an ubiquitous. The proposed protocol used only the EXOR and the hash function operations reduces operations at RFID tag, which improves stability compared to existing protocols.

• Journal of the Korea Society of Computer and Information
• /
• v.12 no.6
• /
• pp.193-200
• /
• 2007

There is an advantage that RFID system is better than previous bar code system in storage ability and noncontact property. But, everyone can easily receive the transmitting information by using RF signal. So, there is a problem that system security and personal privacy are threatened. In this paper, I propose RFID system that is secure against attacks like eavesdropping, replay, spoofing and location tracking and can efficiently provide mutual authentication services between reader and tag. The proposed RFID system can be used in various sections of ubiquitous computing environment.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.10B
• /
• pp.1013-1020
• /
• 2009

This paper proposes an authentication protocol using the key server in the ECPglobai RFID system. The proposed authentication protocol uses the key server and the time-out mechanism to resist various attacks including DoS(Denial of Service) attack. For easy implementation, the proposed protocol also uses the function existing in EPCglobal class 1 gen2 protocol without additive function such as hash function. The proposed protocol is evaluated through two analytical methods. The correctness of the proposed protocol is proved using the GNY analysis. By the security analysis, this paper showed that the proposed protocol is resistant to various attacks including DoS attack. The analytical results demonstrated that the proposed protocol offered a secure RFID system.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.19 no.2
• /
• pp.357-364
• /
• 2015

Tags and Readers is receiving and sending the data using the wireless communication in the RFID environment. Therefore, it could allow an attacker to participate in the network without the physical constraints, which can be easily exposed to a variety of attacks, such as taps and data forgery. Also, it is not easy to apply the security techniques to defend external attacks because the resource constraints of RFID tags is high. In this paper, new tag-reader mutual authentication protocol is proposed to protect the external cyber attacks such as spoofing attacks, replay attacks, traffic analysis attacks, location tracking attacks. The performance evaluation of the proposed mutual authentication protocol is performed and the simulation results are presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.6B
• /
• pp.259-269
• /
• 2008

Applying Varying Pseudonym (VP) to design of Radio Frequency Identification (RFID) authentication protocol outperforms the other existing approaches in several respects. However, this approach is prone to the well-known denial-ofservice (DOS) attack. In this paper, we examine the de-synchronization problems of VP-based RFID authentication protocols, and propose effective solutions to eliminate such weaknesses. We shall show that the proposed solutions indeed improve the security for these protocols, and moreover, these solutions require 0(1) computational cost for identitying a tag and 0(1) key space on the tag. These excellent performances make them very attractive to many RFID applications.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.39B no.12
• /
• pp.831-841
• /
• 2014

The attacker can access the RFID systems illegally because authentication operation on the RFID systems are performed in wireless communication. Authentication methods based on the PUF were presented to defend attacks. Because of Hash and AES, the cost is expensive for the low-cost RFID tag. In this paper, the PUF-based encryption processor and the mutual authentication protocol are proposed for low-cost RFID authentication. The challenge-response pairs (PUF's input and output) are utilized as the authentication key and encrypted by the PUF's characteristics. The encryption method is changed each session and XOR operation with random number is utilized. Therefore, it is difficult for the attacker to analyze challenge-response pairs and attack the systems. In addition, the proposed method with PUF is strong against physical attacks. And the method protects the tag cloning attack by physical attacks because there is no authentication data in the tag. Proposed processor is implemented at low cost with small footprint and low power.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.12 no.6
• /
• pp.83-89
• /
• 2012

This paper proposes the design of a security-enhanced RFID authentication protocol which meets the privacy protection for tag bearers. The protocol which uses AES(Advanced Encryption Standard) cipher algorithm is based on a three-way challenge response authentication scheme. In addition, three different types of protocol packet formats are also presented by extending the ISO/IEC 18000-3 standard for realizing the security-enhanced authentication mechanism in RFID system environment. Through the comparison of security, it was shown that the proposed scheme has better performance in user data confidentiality, Man-in-the-middle replay attack, and replay attack, and forgery resistance, compared with conventional some protocols. In order to validate the proposed protocol, a digital Codec of RFID tag is also designed based on the protocol. This Codec has been described in Verilog HDL and also synthesized using Xilinx Virtex XCV400E device.

• The Journal of the Korea Contents Association
• /
• v.8 no.6
• /
• pp.66-73
• /
• 2008

The concept of u-Vehicle is a technological model that people try to build the ubiquitous world in the car which moves, by using the RFID technology as well as the telematics service based on the location. RFID is weak on the point of information security because RFID has possibility for being abused such as chasing, counterfeiting, and invading personal privacy. RFID's tags use a weak cryptographic algorithm. This paper presents the vulnerabilities of information security under u-Vehicle environments. To solve that, we propose a mechanism enhancing RFID tag's security but with low cost by reducing the number of mutual authentication stages and using the hash function.

• The KIPS Transactions:PartC
• /
• v.15C no.6
• /
• pp.469-480
• /
• 2008

The recently proposed RFID(Radio Frequency Identification) authentication protocol based on a hash function can be divided into two types according to the type of information used for authentication between a reader and a tag: either a value fixed or one updated dynamically in a tag memory. In this paper, we classify the protocols into a static ID-based and a dynamic-ID based protocol and then analyze their respective strengths and weaknesses. Also, we define a new security model including forward/backward traceability, synchronization, forgery attacks. Based on the model, we analyze the previous protocols and propose a new dynamic-ID based RFID mutual authentication protocol. Our protocol provide enhanced RFID user privacy compared to previous protocols and identify a tag efficiently in terms of the operation quantity of a tag and database.

• The Journal of Korean Association of Computer Education
• /
• v.14 no.1
• /
• pp.175-185
• /
• 2011

Recently RFID systems have been introduced in place of barcode systems to industries such as logistics, distribution, and manufacturing. Due to security vulnerabilities in wireless communication between the reader and tags, however, the authentication protocols for the communication have also been researched extensively. In order to solve the vulnerability of previously proposed protocols, this paper thus proposes an authentication protocol that satisfies the security requirements in the RFID system and minimizes the quantity of computation such as random number generation, transmitting the micro-time of databases. In addition, it is expected that the proposed cross authentication protocol is safe against replay attack, spoofing attack, traffic analysis, and eavesdropping attack when it is applied to the RFID system. Also, it has advantages such as providing a high level of security at a lower manufacturing cost.