Journal of KIISE:Computer Systems and Theory (한국정보과학회논문지:시스템및이론)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지

Analysis and Implementation of RFID Security Protocol using Formal Verification

정형검증을 통한 RFID 보안프로토콜 분석 및 구현

  • Published : 2008.08.15
Download PDF
⟨ Previous Next ⟩

Abstract

Radio Frequency Identification (RFID) technology is an important part of infrastructures in ubiquitous computing. Although all products using tags is a target of these services, these products also are a target of attacking on user privacy and services using authentication problem between user and merchant, unfortunately. Presently, it is very important about security mechanism of RFID system and in this paper, we analyze the security protocol among many kinds of mechanisms to solve privacy and authentication problem using formal verification and propose a modified novel protocol. In addition, the possibility of practical implementation for proposed protocol will be discussed.

Radio Frequency Identification(RFID: 무선주파수식별) 기술은 유비쿼터스 구조 기술의 중요한 한 부분을 이루고 있다. 태그를 이용한 모든 제품들이 이러한 서비스의 대상이 되고 있지만 불행히도 다방면에 이용되는 이면에는 사용자의 사생활과 사용자 및 판매자간의 인증문제를 이용한 서비스 공격의 대상이 되고 있다. 현재 이러한 RFID 시스템의 보안 메커니즘들은 이슈화되고 있으며 본 논문에서는 여러가지 메커니즘들 중 사생활 및 인증문제 해결을 위해 정형검증을 통한 보안프로토콜 분석 및 취약성을 수정한 프로토콜을 제안하고자 한다. 또한 제안된 프로토콜의 실현가능성을 위한 구현가능성을 언급하고자 한다.

Keywords

References

  1. Sarma, S., Weis, S., and Engels, D., "RFID Systems and Security and Privacy Implications," In Workshop on Cryptographic Hardware and Embedded Systems (CHES) 2002, LNCS No. 2523, pp. 454-469, 2003
  2. EPCGLOBAL INC.: http://www.epcglobalinc.org
  3. Clarke, E.M. and Wing, J.M., "Formal Methods: State of the Art and Future Directions," ACM Computing Surveys (CSUR), Volume 28, Issue 4, pp. 626-643, 1996 https://doi.org/10.1145/242223.242257
  4. Boussinot, F. and de Simone, R.,"The ESTEREL language," In Proc.of the IEEE, Volume 79,Issue 9, pp. 1293-1304, 1991
  5. Ulrich S. and David L. Dill, "Parallelizing the Murϕ Verifier," Formal Methods in System Design, Volume 18, No.2, pp. 117-129, 2001 https://doi.org/10.1023/A:1008771324652
  6. Formal Systems Ltd. FDR2 User Manual, Aug. 1999
  7. Weis, S., Sarma, S., Rivest, R. and Engels, D., "Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems," In 1st Intern. Conference on Security in Pervasive Computing (SPC), pp. 201-212, 2003
  8. Juels, A., "Privacy and Authentication in Low-cost RFID tags," In submission, Available at http://www. rsasecurity.com/rsalabs/staff/bios/ajuels/
  9. Weis, S., "Security and privacy in radiofrequency identification devices," Massachusetts Institute of Technology (MIT). Massachusetts, USA, 2003
  10. Chien, H.Y. and Chen, C.H., "Mutual Authenti- cation Protocol for RFID Conforming to EPC Class 1 Generation 2 Standards," Computers Standards & Interfaces, Volume 29, Issue 2, pp. 254- 259, 2007 https://doi.org/10.1016/j.csi.2006.04.004
  11. Kosta, M. E., Hansen, M., and Gasson, M., "An Analysis of Security and Privacy Issues Relating to RFID Enabled ePassports," IFIP SEC, pp. 467- 472, 2007 https://doi.org/10.1007/978-0-387-72367-9_42
  12. Peris-Lopez, P., Hernandez-Castro, J. C., Estevez- Tapiador, J. M., and Ribagorda, A., "EMAP: An Efficient Mutual Authentication Protocol for Low- cost RFID Tags," OTM Federated Conferences and Workshop: IS Workshop, pp. 352-361, 2006 https://doi.org/10.1007/11915034_59
  13. Defend, B. and Juels, A., "Cryptanalysis of Two Lightweight RFID Authentication Schemes," International Workshop on Pervasive Computing and Communication Security PerSec (2007)
  14. Lowe, G., "Casper: A compiler for the analysis of security protocols," the 1997 IEEE Computer Security Foundations Workshop X, IEEE Computer Society, Silver Spring, MD, pp. 18-30, 1997
  15. Hoare, C.A.R., Communicating Sequential Processes, Prentice-Hall, 1985.
  16. Juels, A., "Minimalist Cryptography for RFID Tags," In Proc. of Security in Comm. Networks (SCN), LNCS, pp. 149-164, 2004
  17. Juels, A., Rivest, R.L., and Szydlo, M., "The Blocker Tag:?Selective Blocking of RFID tags for Consumer Privacy," In Proc. of the 10th ACM conference on Computer and communications security, pp. 103-111, 2003
  18. Golle, P., Jakobsson, M., Juels, A., and Syverson, P., "Universal Reencryption for Mixnets," RSA Conference Cryptographers Track (CT-RSA 2004), LNCS 2964, pp. 163-178, 2004
  19. Gaubatz, G., Kaps, J., and Sunar, B., "Public Keys Cryptography in Sensor Networks Revisited," the 1st European Workshop on Security in Ad-Hoc and Sensor Networks(ESAS 2004), pp. 2-18, 2005
  20. Perrig, A., et al., "SPINS : Security Protocols for Sensor Networks," Mobile Computing and Net- working 2001