• Journal of Korea Society of Industrial Information Systems
• /
• v.12 no.2
• /
• pp.24-29
• /
• 2007

The essential factor of ubiquitous is security technology to properly prepare making possible network access, economic and convenient information exchange. This paper proposes an authentication protocol for RFID as one technology to realize such an ubiquitous. The proposed protocol used only the EXOR and the hash function operations reduces operations at RFID tag, which improves stability compared to existing protocols.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2010.10a
• /
• pp.629-630
• /
• 2010

Radio frequency identification (RFID) tags are cheap, simple devices that can store unique identification information and perform simple computation to keep better inventory of packages. Because of this, they are intended to replace the barcodes for supply chain management in the near future. However, unlike barcodes, these tags have a longer range in which they are allowed to be scanned, subjecting them to unauthorized scanning by malicious readers and to various attacks. Therefore, a security protocol for RFID tags is needed to ensure privacy and authentication between each tag and their reader. In order to accomplish this, in this paper, we proposed a lightweight privacy and authentication protocol for passive RFID tags.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.10 no.12
• /
• pp.3694-3701
• /
• 2009

This paper suggests that location tracking system by RFID. It uses the location tracking and the authentication to entrance after inserts passive RFID tag into user Identification card. The readers periodically broadcast their signal, and then the readers understand where users are by analyzing them. In one of tracking systems, it is possible to detect the area where user had stayed for the longest time during moving according to signal power, to know user moved path and user next moving path. Also, it can be used in entrance authentication system in security area by using tag ID value which stored to backend server.

• Convergence Security Journal
• /
• v.6 no.1
• /
• pp.45-53
• /
• 2006

It has been proposed that several RFID authentication protocols based on hash chain. Status based authentication protocol and challenge-response based authentication protocol are secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks but are vulnerable to Dos attacks. RFID authentication protocol with strong resistance against traceability and denial of service attack is secured against location tracking attack, spoofing attacks, replay attacks, DoS attacks but are vulnerable to traffic analysis attacks. The present study suggests a more secure and lightweight RFID authentication protocol which is combining the advantages of hash-chain authentication protocol and RFID authentication protocol with strong resistance against traceability and denial of service attack. The results of the secure analysts for a proposed protocol are illustrated that it is secured against location tracking attacks, spoofing attacks, replay attacks, traffic analysis attacks, Dos attacks and is a lightweight operation between server and tag.

• Convergence Security Journal
• /
• v.14 no.7
• /
• pp.91-99
• /
• 2014

NFC(Near Field Communication) is a wireless data exchange technology in 13.56MHz frequency band between devices. The NFC Forum defines the NDEF(NFC Data Exchange Format) exchanging data format between NFC devices and NFC Tags, the NFC RTD(Record Type Definition) defining the record types in the NDEF messages, the Smart Poster RTD in order to replace current paper posters and the Signature RTD to ensure the authenticity and integrity for NDEF records. But the previous smart poster authentication scheme have the weaknesses of using the PKI(Public Key Infrastructure) with certificates to verify the public key for the smart poster authentication and requiring the additional storage capacity of NFC tags for the authentication path. Therefore in this paper we propose a smart poster authentication scheme and implementation based on the authentication URL, a digital signature and a public key without the PKI and certificates for the smart poster authentication.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.42 no.5
• /
• pp.999-1008
• /
• 2017

In this paper, we propose a pipeline network coding (PNC) scheme for efficient data transmission in wireless networks, a data authentication scheme for verifying the integrity of data, and a node authentication scheme for a virtual source. PNC is a technique that improves the overall network performance by relaying data such that the relay node performing network coding transmits to the sender instead. However, network coding is vulnerable to a pollution attack, which is an attack by a malicious attacker to inject modified data into the network. To prevent this, hash-based message authentication code (HMAC) is used. For this purpose, in order to generate a tag used for data authentication, a key must be distributed to the nodes performing authentication. We applied a hash chain to minimize the overhead of key distribution. A null vector is used as the authentication scheme for the virtual source. Finally, we analyze the safety and complexity of the proposed scheme and show he performance through simulation.

• The Journal of the Korea Contents Association
• /
• v.9 no.9
• /
• pp.9-17
• /
• 2009

RFID (Radio Frequency Identification) is a next generation technology that will replace barcode. RFID can identify an object by reading ID inside a RFID tag using radio frequency. However, because a RFID tag replies its unique ID to the request of any reader through wireless communication, it is vulnerable to attacks on security or privacy through wiretapping or an illegal reader's request. The RFID authentication protocol has been studied actively in order to solve security and privacy problems, and is used also in tag search. Recently, as the number of tags is increasing in RFTD systems and the cost of data collection is also rising, the importance of effective tag search is increasing. This study proposed an efficient search method that solved through ta9 group the problem of large volume of database computation in Miyako Ohkubo's hash chain mechanism, which meets requirements for security and privacy protection. When we searched first the group of tags with access rate of 5 or higher in a database with 100,000 records, search time decreased by around 30%.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.18 no.7
• /
• pp.1634-1642
• /
• 2014

Mobile RFID system, that consists of the existing RFID reader mounted on the mobile devices such as smartphones, is able to provide the users a variety of services and convenience. But security of mobile RFID system is too weak like the existing RFID system. In this paper, the mobile RFID mutual authentication protocol with high level of security is proposed to overcome the troubles such as cryptographic protocols in the existing RFID system responding with the same value in every authentication procedure and the exposure in the exchange of messages. The proposed protocol exchanges messages unexposed by using the random numbers generated in the mutual authentication between the tag and the reader and making numbers coded with the symmetric key. Besides, the protocol uses the mutual authentication utilizing OTP by considering the characteristics of the reader embedded in mobile devices in the mutual authentication process between the reader and the server. Because changed message in every authentication, which produces safe from spoofing attacks and replay attacks, etc.

• 한국정보컨버전스학회:학술대회논문집
• /
• 2008.06a
• /
• pp.47-52
• /
• 2008

A radio-frequency identification(RFID) tag is a small, inexpensive microchip that emits an identifier in response to a query from a nearby reader. The price of these tags promises to drop to the range of $0.05 per unit in the next several years, offering a viable and powerful replacement for barcodes. The challenge in providing security for low-cost RFID tags is that they are computationally weak devices, unable to perform even basic symmetric-key cryptographic operations. Security researchers often therefore assume that good privacy protection in RFID tags is unattainable. In this paper, we explore a notion of minimalist cryptography suitable for RFID tags. We consider the type of security obtainable in RFID devices with a small amount of rewritable memory, but very limited computing capability. Our aim is to show that standard cryptography is not necessary as a starting point for improving security of very weak RFID devices. Our contribution is threefold: 1. We propose a new formal security model for authentication and privacy in RFID tags. This model takes into account the natural computational limitations and the likely attack scenarios for RFID tags in real-world settings. It represents a useful divergence from standard cryptographic security modeling, and thus a new view of practical formalization of minimal security requirements for low-cost RFID-tag security. 2. We describe protocol that provably achieves the properties of authentication and privacy in RFID tags in our proposed model, and in a good practical sense. Our proposed protocol involves no computationally intensive cryptographic operations, and relatively little storage. 3. Of particular practical interest, we describe some reduced-functionality variants of our protocol. We show, for instance, how static pseudonyms may considerably enhance security against eavesdropping in low-cost RFID tags. Our most basic static-pseudonym proposals require virtually no increase in existing RFID tag resources.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.17 no.4
• /
• pp.103-113
• /
• 2007

In this paper, we present a security analysis of Lightweight RFID Mutual Authentication Protocols-LMAP[10], $M^2AP$[11], EMAP[12]. Based on simple logic operations, the protocols were designed to be suitable for lightweight environments such as RFID systems. In [8,9], it is shown that these protocols are vulnerable to do-synchronization attacks with a high probability. The authors also presented an active attack that partially reveals a tag's secret values including its ID. In this paper, we point out an error from [9] and show that their do-synchronization attack would always succeed. We also improve the active attack in [9] to show an adversary can compute a tag's ID as well as certain secret keys in a deterministic way. As for $M^2AP$ and EMAP, we show that eavesdropping $2{\sim}3$ consecutive sessions is sufficient to reveal a tag's essential secret values including its ID that allows for tracing, do-synchronization and/or subsequent impersonations.