• Journal of information and communication convergence engineering
• /
• v.7 no.1
• /
• pp.19-23
• /
• 2009

In this paper, we propose a general idea about an RFID system which provides lighted weight algorithm. We discuss how RFID could be applied for this kind of system, especially, compact protocol. We evaluate a few protocols that have been suggested for use in passive RFID tagged systems. We can reduce security computation without losing security features by message integration and pre-computation in this paper. And the proposed protocol can be used in low-cost RFID systems that require a small computational load for both the back-end database and the tags.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.563-568
• /
• 2006

RFID 시스템 상에서의 보안 문제를 해결하기 위한 다양한 노력에도 불구하고 대부분의 기존 연구들은 안전한 RFID 시스템을 위한 보안 요구 사항을 완벽하게 충족시키지 못하였다. 또한, 일부 시스템은 RFID 태그의 연산 능력만을 고려할 뿐 백엔드 데이터베이스(Back-end Database)의 연산 부하는 비교적 고려대상이 아니었다. 하지만, 실용적인 RFID 시스템 설계를 위해서는 제한된 능력을 지닌 RFID 태그뿐만 아니라 데이터베이스의 연산량 또한 고려되어야 한다. 따라서 본 논문에서는 이 두 개체의 연산 부하를 줄이기 위한 효율적인 프로토콜을 제시한다. 제안된 프로토콜은 위치 추적 방지, 데이터베이스와 태그간의 상호 인증을 보장하며 재생 공격 및 스푸핑 공격에도 강인한 특성을 지니고 있다. 특히, 통신 장애나 악의적인 공격에 의해 비동기상태가 발생할 경우에도 데이터베이스와 태그는 손쉽게 동기를 회복할 수 있다.

• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.569-573
• /
• 2006

Radio Frequency Identification (RFID) 시스템은 기존의 바코드를 대신하면서 생산, 공급망 관리, 재고 관리등의 분야에서 중요한 역할을 할 것으로 기대되어지고 있다. 뿐만 아니라, 일상 생활에서도 RFID의 활용 분야는 다양하여 가까운 미래에는 우리 사회 전반에서 중요한 요소로 자리 잡을 것이다. 하지만, RFID 시스템에는 아직 해결해야 될 문제가 남아 있다. 태그로 부터의 원하지 않은 정보 유출로 인한 privacy와 security 문제가 여기에 해당된다. 이 문제를 해결하기 위해서 많은 RFID 인증 프로토콜들이 제안 되었지만, 다소의 문제점들을 가지고 있었다. 본 논문에서는 기존에 제안된 해쉬 함수 기반의 인증 프로토콜들의 문제점들을 분석하고, spoofing 공격 및 location privacy등에 대해 안전하고 효율적인 새로운 프로토콜을 제안한다.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.6 s.44
• /
• pp.193-200
• /
• 2006

RFID technology has been gradually expanding its application areas however studies on personal space infringement along with security are insufficient. This paper proposes a new security protocol access time interval scheme and RSA algorithm to analyze existing RFID security protocol and attempts to solve the problem of lightweight protocol. Information protection for two-way channels can be enforced through the proposed protocol and other issues of sniffing and man-in-the-middle attacks can be solved by applying a mutual certification technique application among tag readers.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.4
• /
• pp.71-82
• /
• 2005

Though there are many authentication protocols for RFID system, only a few protocols support location privacy. Because of tag's hardware limitation, these protocols suffer from many security threats, especially from DoS (Denial of Service) attack. In this paper, we explain location privacy problem and show vulnerabilities of RFID authentication protocols. And then, we suggest an authentication protocol that is strong against location tracing, spoofing attack and DoS attack

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• v.9 no.2
• /
• pp.280-284
• /
• 2005

In ubiquitous computing environment, An RFID system will be the important way that recognizing an object instead of Bar-code system. But a privacy infringement problem is predicted between a tag and leader to be serious. There is many difficulty that just uses an existing research method because it has an Hardware restriction. Therefore we will suggest that A RFID Privacy Protect system using Hareware friendly security algorithm. we will use RC5 and CBC_MAC because the tag has hardware restriction .To implement, We will simulate and test on One chip microprcessor environment. In the result of the experiment, We will know that a suggested system solves privacy problem on RFID system that it was using CBC-MAC and RC5 security algorithm.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.5
• /
• pp.141-146
• /
• 2007

Barcodes have been widely used to implement automatic identification systems but there are various problems such as security weakness or distance restriction in scanning barcode signals in a barcode-based automatic identifcation systems. Recently researchers are gradually interested in radio frequency identification (RFID) and RFID systems have been applied to various fields than before. Especially one of RFID application fields, a bank system uses RFID tagged bankontes to prevent illegal transactions such as counterfeiting banknotes and money laundering. In this paper, we propose a RFID system for protecting location provacy of a banknote holder. In addition, our paper describes that a trust party can trace a counterfeit banknote holder to provide against emergencies.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.15 no.6
• /
• pp.49-58
• /
• 2005

In this paper, we have proposed a secure dynamic ID allocation protocol using mutual authentication on the RFID tag. Currently, there are many security protocols focused on the low-price RFID tag. The conventional low-price tags have limitation of computing power and rewritability of memory. The proposed secure dynamic ID allocation protocol targets to the high-performance RFID tags which have more powerful performance than conventional low-price tag by allocating dynamic ID to RFID using mutual authentication based on symmetric encryption algorithm. This protocol can be used as a partial solution for ID tracing and forgery.

• The Journal of Information Technology
• /
• v.10 no.4
• /
• pp.85-93
• /
• 2007

RFID applied in many area. I think that RFID enlarge for our life more and more. The application technology of RFID change the Mobile RFID using mobile phone and PDF etc. I think, Mobile RFID enlarge application technology gradually. In this paper, we propose the quality measurement metrics for mobile RFID middleware. I propose the quality testing model for interoperability and security of mobile RFID middleware. We examine the international standard for mobile RFID and software testing. In this paper, I proposed the evaluation model of mobile RFID middleware on the basis of international standard ISO/IEC 9126-2 and ISO/IEC 25000 series.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.31 no.5C
• /
• pp.562-567
• /
• 2006

This paper extends Diameter AAA Protocol to provide secure communication channels between Mobile RFID Service Components and distinct service based on user's QoS level authorization. This paper supposes 900MHz, which is the target RF for Mobile RFID Forum and supposes RFID phone, which equitted with RFID reader. By using extended Diameter AAA server, user is authenticated, authorized and provided dynamic security associations between Mobile RFID Service components. The types of security associations are as followings:between RFID tag and RFID reader, between RFID reader(phone) and MobileRFID Service Agent, between phone and OIS, between phone and OTS and between phone and Accounting/Financial server.