Most of the Radio Frequency IDentification (RFID) authentication protocols, proposed to preserve security and privacy, are analysed to show that they can not provide security against some passive or active attacks. In...Most of the Radio Frequency IDentification (RFID) authentication protocols, proposed to preserve security and privacy, are analysed to show that they can not provide security against some passive or active attacks. In this paper, the security of two matrix-based protocols, proposed by Karthikeyan and Nesterenko (KN protocol) and Ramachandra et al. (RRS protocol) that conform to Electronic Product Code Class-1 Generation-2 (EPC Class-1 Gen-2) standard, are investigated. Using the linear relationship of multiplication of matrix and vector, we point out that both protocols can not provide scalability, and they are vulnerable to passive impersonation attack. In addition, both protocols are totally insecure if the adversary can compromise one tag to extract the secrets. A modified lightweight matrix-based authentication protocol is presented, which can resist mainly common attacks on an RFID authentication system including eavesdropping, relay attack, desynchronization attack, impersonation attack and tag tracking attack. The new protocol also has the desirable scalability property and can keep secure under compromising attack.展开更多
Secure and private authentication protocol is important in Radio Frequency Identification (RFID) technology.To date,researchers have proposed many RFID authentication protocols.However,these protocols have many flaws ...Secure and private authentication protocol is important in Radio Frequency Identification (RFID) technology.To date,researchers have proposed many RFID authentication protocols.However,these protocols have many flaws due to lack of theoretical support in designing these protocols.In this work,first we present the security and privacy requirements in RFID authentication protocols.Then we examine related works and point out problems in designing RFID authentication protocols.To solve these problems,we propose and briefly prove three theorems.We also give necessary examples for better understanding these theorems with concrete protocols.At last,we give our suggestions on designing secure and private authentication protocols.The security and privacy requirements,theorems,and suggestions will facilitate better understanding and designing of RFID authentication protocols in the future.展开更多
基金Supported by the Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD)the National Natural Science Foundation of China (No.60903181)Nanjing University of Posts and Telecommunications Funds (No.NY208072)
文摘Most of the Radio Frequency IDentification (RFID) authentication protocols, proposed to preserve security and privacy, are analysed to show that they can not provide security against some passive or active attacks. In this paper, the security of two matrix-based protocols, proposed by Karthikeyan and Nesterenko (KN protocol) and Ramachandra et al. (RRS protocol) that conform to Electronic Product Code Class-1 Generation-2 (EPC Class-1 Gen-2) standard, are investigated. Using the linear relationship of multiplication of matrix and vector, we point out that both protocols can not provide scalability, and they are vulnerable to passive impersonation attack. In addition, both protocols are totally insecure if the adversary can compromise one tag to extract the secrets. A modified lightweight matrix-based authentication protocol is presented, which can resist mainly common attacks on an RFID authentication system including eavesdropping, relay attack, desynchronization attack, impersonation attack and tag tracking attack. The new protocol also has the desirable scalability property and can keep secure under compromising attack.
基金supported in part by the Natioual Natural Science Foundation of China(Grant No.60933003)the High Technical Research and Development Program of China(Grant No.2006AA01Z101)+1 种基金Shaanxi ISTC(Grant No.2008KW-02)IBM Joint Project
文摘Secure and private authentication protocol is important in Radio Frequency Identification (RFID) technology.To date,researchers have proposed many RFID authentication protocols.However,these protocols have many flaws due to lack of theoretical support in designing these protocols.In this work,first we present the security and privacy requirements in RFID authentication protocols.Then we examine related works and point out problems in designing RFID authentication protocols.To solve these problems,we propose and briefly prove three theorems.We also give necessary examples for better understanding these theorems with concrete protocols.At last,we give our suggestions on designing secure and private authentication protocols.The security and privacy requirements,theorems,and suggestions will facilitate better understanding and designing of RFID authentication protocols in the future.