Secure and Serverless RFID Authentication and Search Protocols
Chiu C. Tan, Bo Sheng, and Qun Li
IEEE Transactions on Wireless Communication, April 2008
Taesung Kim, 2008.09.11

Contents
• Abstract
• Introduction
• Related Work
• RFID Privacy and Security
• RFID Authentication
• RFID Search

Introduction
• What is Radio Frequency Identification?
• (Figure labels: tag, reader, antenna)

Introduction
• Solution for the RFID security and privacy problem
• Central database model
  • Three players in this model: RFID reader, tag, database
  • Mutual authentication between the reader and the tag uses the authentication information stored in the database.
  • A reader at an off-site location with no connection to the database cannot see the tag's information.
• Simple alternative
  • Downloading the database to the reader
  • A mobile reader can be stolen.
  • An adversary will then have access to information that includes the unique tag ID and password.
  • The adversary can make a fake tag based on this information.

Introduction
• This paper proposes
  • The same security protection as the central database model, without a persistent connection to the database.
• RFID searching problem
  • The case of looking up a specific tag's information in a single-reader, multiple-tag setting.
  • Authenticating each tag one at a time is a time-consuming process.
  • This paper proposes several solutions to the RFID searching problem.

Related Work
• Weis
  • Randomized hash lock
  • Tag reply to the reader's query: (r, ID ⊕ f_k(r))
    • where r is a random number generated by the tag,
    • k is the tag's secret key,
    • and f_k is a pseudorandom function.
  • A secure database searches the ID/secret key pairs, then the real tag ID is returned to the reader.
• Molnar and Wagner
  • The randomized hash lock scheme does not defend against an eavesdropper.
  • Assumes the reader knows the secret key.
  • The reader and the tag each generate a random number and exchange them.

Related Work
• Molnar and Wagner (continued)
  • Tag reply: ID ⊕ f_k(0, r1, r2)
  • Compromised reader problem.
• Dimitriou
  • Tag reply: (h(ID_i), n_t, h_{ID_i}(n_t, n_r))
    • where ID_i is the tag secret,
    • n_t and n_r are random numbers generated by the tag and the reader.
  • The database returns h_{ID_{i+1}}(n_t, n_r).
  • The tag updates its secret to ID_{i+1}.

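The reply forms listed under Related Work, as an added example that is not code from the paper or the slides: the randomized hash lock reply with the database's search over stored (ID, k) pairs, and the two-nonce reply ID ⊕ f_k(0, r1, r2). HMAC-SHA256 as f_k, the 16-byte lengths, the byte encoding of (0, r1, r2) and all function names are assumptions.

```python
import hashlib
import hmac
import secrets

ID_LEN = 16  # assumed tag ID length in bytes

def prf(k: bytes, msg: bytes) -> bytes:
    """f_k(msg); HMAC-SHA256 truncated to ID_LEN is an assumed instantiation."""
    return hmac.new(k, msg, hashlib.sha256).digest()[:ID_LEN]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def hash_lock_reply(tag_id: bytes, k: bytes):
    """Tag side: pick a fresh r and answer (r, ID xor f_k(r))."""
    r = secrets.token_bytes(16)
    return r, xor(tag_id, prf(k, r))

def database_resolve(entries, r: bytes, masked: bytes):
    """Database side: unmask with each stored key until the result equals
    that entry's ID. One PRF call per enrolled tag, so O(n) per query."""
    for tag_id, k in entries:
        if hmac.compare_digest(xor(masked, prf(k, r)), tag_id):
            return tag_id
    return None  # no enrolled tag produced this reply

def two_nonce_reply(tag_id: bytes, k: bytes, r1: bytes):
    """Tag side of the two-nonce form: the reader supplied r1, the tag picks
    r2 and answers (r2, ID xor f_k(0, r1, r2))."""
    r2 = secrets.token_bytes(16)
    return r2, xor(tag_id, prf(k, b"\x00" + r1 + r2))

def two_nonce_unmask(k: bytes, r1: bytes, r2: bytes, masked: bytes) -> bytes:
    """Reader side: the reader is assumed to hold the tag's key k."""
    return xor(masked, prf(k, b"\x00" + r1 + r2))

if __name__ == "__main__":
    # Constructed sample database of (ID, k) pairs.
    entries = [(secrets.token_bytes(ID_LEN), secrets.token_bytes(16)) for _ in range(1000)]
    tag_id, k = entries[-1]
    r, masked = hash_lock_reply(tag_id, k)
    print("resolved:", database_resolve(entries, r, masked) == tag_id)
    r1 = secrets.token_bytes(16)
    r2, masked2 = two_nonce_reply(tag_id, k, r1)
    print("fresh r1 unmasks to ID:", two_nonce_unmask(k, r1, r2, masked2) == tag_id)
    print("stale r1 unmasks to ID:", two_nonce_unmask(k, secrets.token_bytes(16), r2, masked2) == tag_id)
```

The database lookup costs one PRF evaluation per enrolled tag for every reply, and in the two-nonce form a reply only unmasks to the ID under the r1 the reader issued for that session.
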
RFID Authentication
• Notations

RFID Authentication
• Set up
  • R obtains r and L from a certificate authority, CA.
  • Tag T contains a unique value id and a unique secret t.
  • Access list L_i

RFID Authentication
• Authentication Protocol

RFID Search
• When looking for a specific tag
  • The reader issues a search request that only an authenticated tag can understand.
  • The tag replies in a way that only an authenticated reader can understand.

RFID Search
• Secure search protocol

RFID Search
• Search protocol improvement
  • The tag remembers the last used random number.

RFID Search
• Search protocol improvement
  • A challenge and response method

RFID Search
• Search protocol improvement
  • Noise to mask the reply