15-01-07 10:15
Age: 5 yrs

BY: LEE, HYUNROK; YANG, JEONGKYU; KIM KWANGJO

Radio frequency identification (RFID) is the latest technology to play an important role for object identification as a ubiquitous infrastructure. However, current low-cost RFID tags are highly resource constrained and cannot support its long-term security, so they have potential risks and may violate privacy for their bearers. To remove security vulnerabilities, we propose a robust mutual authentication protocol between a tag and a back-end server for low-cost RFID system that guarantees data privacy and location privacy of tag bearers. Our protocol firstly provides reader authentication and prevent active attacks based on the assumption that a reader is no more a trusted third party and the communication channel between the reader and the back-end server is insecure like wireless channel. Also, the proposed protocol exhibits forgery resistant against simple copy, or counterfeiting prevailing RFID tags. Furthermore, we enhance our protocol to prevent tracking attack and desynchronization attack which are raised a question in previous version of our protocol by Ari juels. As tags only have hash function and exclusive-or operation, our proposed protocol is very feasible for low-cost RFID system compared to the previous works.

This paper also appears in the book:
Networked RFID Systems and Lightweight Cryptography
Raising Barriers to Product Counterfeiting
Cole, Peter H.; Ranasinghe, Damith C. (Eds.)
2007, Approx. 360 p., Hardcover
ISBN: 978-3-540-71640-2
www.springer.com/dal/home/generic/search/results

<- Back to: Publications