• Proceedings of the Korea Institutes of Information Security and Cryptology Conference
• /
• 2006.06a
• /
• pp.761-764
• /
• 2006

무선 주파수 인식 (RFID : Radio Frequency Identification) 시스템은 유비쿼터스 시스템 환경에서 중요한 기술로 주목 받게 될 것이다. 최근에는 이런 RFID 시스템과 모바일 시스템이 결합하여 새로운 모바일 RFID 시스템이 소개되었다. 모바일 RFID (Mobile Radio Frequency Identification) 시스템은 모바일 기기에 RFID 시스템이 접목된 것으로 RFID 리더가 모바일 기기 안에 내장된 것으로 모바일 기기를 가진 사람이라면 누구든지 손쉽게 태그가 내장된 상품의 정보를 읽을 수 있다. 이러한 모바일 RFID 리더의 특성으로 인해 태그가 내장된 물품을 소유하고 있는 개인의 프라이버시 침해가 발생한다. 본 논문에서는 간단한 연산과 해쉬함수를 사용하여 모바일 RFID 시스템 환경에 적합한 프라이버시 보호 기법을 제안한다.

• Journal of Digital Convergence
• /
• v.10 no.4
• /
• pp.229-233
• /
• 2012

A RFID system is a technology for detecting information on an object through wireless communication between a tag on the object and a reader, and its applications are being expanded to various areas. Because of its wireless communication, however, there are many vulnerabilities in security. Until now, many studies have been executed in order to solve problems related to the security and stability of RFID. In order to resolve vulnerabilities in existing security methods for privacy protection, this study proposed an authentication protocol that uses hash values received from tags and random numbers. When the proposed protocol was implemented, it was safe from various types of attacks between tag and reader and between reader and DB. Furthermore, compared to recently proposed protocols, it could implement a RFID system with enhanced security and less computation in tags.

• 한국정보컨버전스학회:학술대회논문집
• /
• 2008.06a
• /
• pp.47-52
• /
• 2008

A radio-frequency identification(RFID) tag is a small, inexpensive microchip that emits an identifier in response to a query from a nearby reader. The price of these tags promises to drop to the range of $0.05 per unit in the next several years, offering a viable and powerful replacement for barcodes. The challenge in providing security for low-cost RFID tags is that they are computationally weak devices, unable to perform even basic symmetric-key cryptographic operations. Security researchers often therefore assume that good privacy protection in RFID tags is unattainable. In this paper, we explore a notion of minimalist cryptography suitable for RFID tags. We consider the type of security obtainable in RFID devices with a small amount of rewritable memory, but very limited computing capability. Our aim is to show that standard cryptography is not necessary as a starting point for improving security of very weak RFID devices. Our contribution is threefold: 1. We propose a new formal security model for authentication and privacy in RFID tags. This model takes into account the natural computational limitations and the likely attack scenarios for RFID tags in real-world settings. It represents a useful divergence from standard cryptographic security modeling, and thus a new view of practical formalization of minimal security requirements for low-cost RFID-tag security. 2. We describe protocol that provably achieves the properties of authentication and privacy in RFID tags in our proposed model, and in a good practical sense. Our proposed protocol involves no computationally intensive cryptographic operations, and relatively little storage. 3. Of particular practical interest, we describe some reduced-functionality variants of our protocol. We show, for instance, how static pseudonyms may considerably enhance security against eavesdropping in low-cost RFID tags. Our most basic static-pseudonym proposals require virtually no increase in existing RFID tag resources.

• The KIPS Transactions:PartC
• /
• v.16C no.3
• /
• pp.325-334
• /
• 2009

This paper demonstrates that an attacker can impersonate a random RFID tag and then perform the spoofing attack in the previous RFID authentication protocol. To resolve such a security problem, we also propose a new secure and efficient RFID mutual authentication protocol. The proposed RFID mutual authentication protocol is not only to resolve many security problems with the existing RFID authentication mechanism and the vulnerability against spoofing attack, but also to guarantee reliable authentication time as reducing computational overhead performing by tag. As a result, the proposed RFID mutual authentication protocol provides stronger security including the forward secrecy and more efficiency.

• 한국정보컨버전스학회:학술대회논문집
• /
• 2008.06a
• /
• pp.75-86
• /
• 2008

This paper presents the design, implementation, and evaluation of the RFID Guardian, the first-ever unified platform for RFID security and privacy administration. The RFID Guardian resembles an "RFID firewall", enabling individuals to monitor and control access to their RFID tags by combining a standard-issue RFID reader with unique RFID tag emulation capabilities. Our system provides a platform for coordinated usage of RFID security mechanisms, offering fine-grained control over RFID-based auditing, key management, access control, and authentication capabilities. We have prototyped the RFID Guardian using off-the-shelf components, and our experience has shown that active mobile devices are a valuable tool for managing the security of RFID tags in a variety of applications, including protecting low-cost tags that are unable to regulate their own usage.

• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.111-120
• /
• 2011

The concept of Smart-Homes is becoming more and more popular. It is anticipated that Radio Frequency IDentification (RFID) technology will play a major role in such environments. We can find many previously proposed schemes that focus solely on: authentication between the RFID tags and readers, and user privacy protection from malicious readers. There has also been much talk of a very popular RFID application: a refrigerator/bookshelf that can scan and list out the details of its items on its display screen. Realizing such an application is not as straight forward as it seems to be, especially in securely deploying such RFID-based applications in a smart home environment. Therefore this paper describes some of the RFID-based applications that are applicable to smart home environments. We then identify their related privacy and security threats and security requirements and also propose a secure approach, where RFID-tagged consumer items, RFID-reader enabled appliances (e.g., refrigerators), and RFID-based applications would securely interact among one another. At the moment our approach is just a conceptual idea, but it sheds light on very important security issues related to RFID-based applications that are beneficial for consumers.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.05a
• /
• pp.657-659
• /
• 2011

Given the security and privacy problems in the application of Radio Frequency Identification(RFID), this paper is proposed a kind of novel security framework, aiming to find a better mechanism in security and privacy problems. This paper reviews the relative work of RFID security mechanisms, then, the overall design scheme and modularized implementation of a secure RFID system based on trusted computing technologies is presented.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.1
• /
• pp.67-75
• /
• 2008

RFID(Radio Frequency Identification) system is an automated identification system that consists of tags and readers. They communicate with each other by RF signal. As a reader can identify many tags in contactless manner using RF signal, RFID system is expected to do a new technology to substitute a bar-code system. But RFID system creates new threats to the security and privacy of individuals, Because tags and readers communicate with each other in insecure channel using RF signal. So many people are trying to study various manners to solve privacy problems against attacks, but it is difficult to apply to RFID system based on low-cost Gen2. Therefore, We will propose a new encryption scheme using matrix based on Gen2 in RFID system in paper, and We will analyze our encryption scheme in view of the security and efficiency through a simulation and investigate application environments to use our encryption scheme.

• Proceedings of the Korean Society of Broadcast Engineers Conference
• /
• 2007.02a
• /
• pp.93-96
• /
• 2007

RFID 시스템은 무선통신기술을 사용하여 직접 접촉하지 않고 RFID 태그 정보를 식별하는 자동식별기술을 말한다. RFID 시스템의 장점 때문에 바코드 대체 기술로서 주목을 받고 있다. 최근에, RFID시스템은 모바일 단말기 안에 내장된 리더를 사용하여 사용자에게 유용한 정보를 제공하는 모바일 시스템으로 확대대고 있다. 모바일 RFID 시스템은 모바일 리더를 사용하여 물품의 정보를 얻는다. 그 다음 얻은 정보를 사용하여 무선이동통신 네트워크에서 사용자에게 다양한 부가 서비스를 제공한다. 모바일 RFID 시스템은 RFID 리더에 이동성을 결합했을 뿐만 아니라, 언제 어디에서나 실생활에 밀접한 물품에 대한 정보를 활용할 수 있다는 점에서 많은 주목을 받고 있다. 그러나 모바일 RFID 시스템은 정보누출, 추적성, 위조 등과 같은 RFID 시스템의 위협에 취약할 뿐만 아니라 모바일 리더의 이동성에 의해 사용자의 프라이버시가 쉽게 침해된다. 본 논문에서는 기존에 제안된 모바일 RFID 시스템에 관하여 살펴보고 모바일 RFID 시스템에서의 발생하는 추가적인 문제점을 지적한 후에 이에 대한 해결 방안을 제시한다.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.6B
• /
• pp.962-969
• /
• 2010

Recently, RFID technology can successfully be used to reduce medical errors. This technology can aid in the accurate matching of patients with their medications and treatments. The enthusiasm for using RFID technology in medical settings has been tempered by privacy concerns. In this paper, we propose a secure and efficient RFID authentication system to not only authenticate patients' authenticity but also protect patients' personal medical informations. The proposed system consists of RFID-based patient authentication protocol and database security protocol. As a result, since the proposed RFID authentication system provides strong security and efficiency, it can be used practically for patient authentication and personal medical information protection on the high technology medical environments such as u-Hospital and u-Healthcare.