DOI QR코드

DOI QR Code

Improved RFID Mutual Authentication Protocol using One-Time Pad and One-Time Random Number Based on AES Algorithm

OTP와 일회성 난수를 사용한 AES 알고리즘 기반의 개선된 RFID 상호 인증 프로토콜

  • Yun, Tae-Jin (Dept. of Mobile Engineering, Kyungwoon University) ;
  • Oh, Se-Jin (Graduate School of Electrical Engineering and Computer Science, Kyungpook National University) ;
  • Ahn, Kwang-Seon (School of Computer Science and Engineering, Kyungpook National University)
  • 윤태진 (경운대학교 모바일공학과) ;
  • 오세진 (경북대학교 전자전기컴퓨터학부) ;
  • 안광선 (경북대학교 컴퓨터학부)
  • Received : 2011.08.19
  • Accepted : 2011.09.17
  • Published : 2011.11.30

Abstract

Because RFID systems use radio frequency, they have many security problems such as eavesdropping, location tracking, spoofing attack and replay attack. So, many mutual authentication protocols and cryptography methods for RFID systems have been proposed in order to solve security problems, but previous proposed protocols using AES(Advanced Encryption Standard) have fixed key problem and security problems. In this paper, we analyze security of proposed protocols and propose our protocol using OTP(One-Time Pad) and AES to solve security problems and to reduce hardware overhead and operation. Our protocol encrypts data transferred between RFID reader and tag, and accomplishes mutual authentication by one time random number to generate in RFID reader. In addition, this paper presents that our protocol has higher security and efficiency in computation volume and process than researched protocols and S.Oh's Protocol. Therefore, our protocol is secure against various attacks and suitable for lightweight RFID tag system.

RFID 시스템은 무선 주파수를 이용하기 때문에 도청, 위치 추적, 스푸핑 공격, 재전송 공격과 같은 공격에 취약하다. 이를 해결하고자 RFID 시스템의 상호 인증 기법과 암호화 기법이 활발히 연구되고 있다. 그러나, 과거 AES(Advanced Encryption Standard)를 이용한 대칭키 기반의 프로토콜은 고정키 문제와 보안 취약성을 안고 있어 본 논문에서 기존 프로토콜의 보안 취약성을 증명하고, OTP(One-Time Pad) 기법과 AES를 이용한 프로토콜을 제안하여 보안 취약점을 보완하고 연산, 하드웨어 오버헤드를 감소하고자 한다. 제안 프로토콜은 리더와 태그간 데이터를 암호화하고, 리더의 일회성 난수 사용하여 상호 인증을 한다. 그리고, S.Oh 프로토콜을 비롯한 기존 프로토콜과 비교 분석으로 보안성과 서버, 리더, 태그의 연산량 측면 등 효율성에서 상대적으로 우수함을 보인다.

Keywords

References

  1. S. Oh, K. Chung, C. Jung, K. Ahn, "An RFID Mutual Authentication Protocol using One-time Random Number," Journal of Security Engineering, Vol. 7, No. 3, June. 2010.
  2. K. Finkenzeller, "RFID Hand Book: Fundamentals and Applications in Contactless Smart Card and Identification, Second Edition," John Wiley & Sons Ltd., July. 2003.
  3. P. H. Cole, "Fundamentals in RFID part1, Korean RFID course," 2006, http://autoidlab.eleceng.adelaide.edu.au/ education/FundamentalsInRfidPart1.pdf.
  4. M. Feldhofer, S. Dominikus, Rijmen, J. Wolkerstor fer, "Strong Authentication for RFID Systems Using The AES Algorithm," ICCHES, pp. 357-370, August. 2004.
  5. B. Koo, G. Ryu, S. Yang, T. Chang, S. Lee, "Low-cost AES Implementation for RFID tags," Journal of KIISC, Vol. 16, No. 5, pp. 67-77, October. 2006.
  6. M. Jung, Horst Fiedler, and Renee Lerch, "8-Bit Micr ocontroller System with Area Efficient AES Coprocessor for Transponder Application," Workshop on RFID and Lightweight Crypto, pp. 32-43, July. 2005.
  7. J. Ha, J. Park, J. Ha, H. Kim, S. Moon, "Low-cost Authentication Protocol Using Pre-synchronized Search Information in RFID System," Journal of KIISC, Vol. 18, No. 1, pp. 77-87, February. 2008.
  8. J. Daemen, V. Rijmen, "The Design of Rijndael," AES-The Advanced Encryption Standard, Spring er-Verlog, Berlin, Heidelberg, New York, March. 2002.
  9. J. Daemen, V. Rijmen, "AES Proposal; Rijndael, Version2," Submission to NIST, March. 1999.
  10. M. Aigner and M. Feldhofer, "Secure Symmetric Authentication for RFID Tags," Telecommunication and mobile computing - TCMC 2005, March. 2005.
  11. B. Toiruul, K. Lee, "An Advanced Mutual-Authentic ation Algorithm Using AES for RFID Systems," IJCSNS, September. 2006.
  12. M. F. Mubarak, J. A. Manan, S. Yahya, "Mutual Attestation Using TPM for Trusted RFID Protocol," In 2nd International Conference on Network Applications, Protocols and Services-NETAPPS 2010, Kedah, Malaysia, September. 2010.
  13. M. F. Mubarak, J. A. Manan, S. Yahya, "A Critical Review on RFID System towards Security, Trust, and Privacy (STP)," 2011 IEEE 7th International Colloquium on Signal Processing and its Applications, pp. 39-44, March. 2011.
  14. Gilbert S. Vernam, "U.S.Patent 1,310,719. Secret signaling system," July. 1919.
  15. C. Shannon, "Communication Theory of Secrecy Systems," Bell System Technical Journal, Vol. 28, pp. 656-715, October. 1949. https://doi.org/10.1002/j.1538-7305.1949.tb00928.x
  16. Jiao-Hongqiang, Tian-Junfeng, Wang-Baomin, "A Study on the One-Time Pad Scheme Based Stern-Brocot Tree," ISCSCT 2008, pp. 568-571, December. 2008.