题名

RFID認證協定之分類介紹與安全性分析

DOI

10.29614/DRMM.200807.0007

作者

王智弘;蔡宛諭

关键词

無線射頻辨識RFID技術 ; 安全security ; 個人隱私privacy ; 認證協定

期刊名称

資訊安全通訊

卷期/出版年月

14卷3期(2008 / 07 / 01)

页次

100 - 121

内容语文

繁體中文
中文摘要

RFID(無線射頻辨識,Radio-Frequency Identification)是近年來使用頻繁的技術之一,許多地方發展此系統達到生活之便利性,RFID特別的地方在於,嵌入標籤(Tag)的卡片本身並不需要儲存電力,卡片經過讀取器(Reader)的讀取範圍內,由標籤內部硬體的原理“磁生電”,持卡人手上的卡片即可以與讀取器溝通,不同於其他簡易裝置設備必須考慮電力之問題;RFID另一項特點為,讀取器一次可以讀取多個標籤,並在讀取器的顯示幕上列出標籤清單,不同於以往商品的條碼,利於減省人力資源;雖然RFID系統有上述優點,但是在多數國家中,仍然有專家學者反對將其系統使用在會影響隱私權的物品上,例如:護照和金融卡等,在RFID系統下,假如沒有任何保護機制(加密資料或是認證身分),任何非法或是偽裝之角色(後端資料庫、讀取器或是標籤),甚至攻擊者,皆可藉由攻擊或是監聽傳送訊息,更改標籤的內容以及追蹤標籤,上述之結果違反持卡人之隱私權,本文回顧過去學者所研究的數種RFID系統的認證協定,並敘述其是否達到RFID要求的安全需求,藉由本文談論之認證協定,避免發生上述結果影響持卡人之隱私權。
主题分类 基礎與應用科學 > 資訊科學
参考文献
  1. A. Juels(2006).RFID Security and Privacy: A Research Survey.IEEE Journal on Selection Areas in Communications,24(2),381-394.
  2. A. Juels,C. Blundo,S. Cimato, (editors)(2004).Minimalist cryptography for low-cost RFID Tags.The Fourth International Conference on Security in Communication Networks-SCN 2004
  3. B. Toiruul,K. Lee(2006).An Advanced Mutual-Authentication Algorithm Using AES for RFID Systems.International Journal of Computer Science and Network Security,6(9),156-162.
  4. C.-H. Wang,W.-Y. Tsai(2008).An RFID authentication scheme for wireless communication channel.Cryptology and Information Security Conference (CISC)
  5. D.N. Duc,J. Park,H. Lee,K. Kim(2006).Enhancing security of EPCglobal GEN-2 RFID Tag against traceability and cloning.The 2006 Symposium on Cryptography and Information Security
  6. H.-Y. Chien(2007).SASI: A New Ultralightweight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity.IEEE Transactions on Dependable and Secure Computing,4(4),337-340.
  7. H.-Y. Chien,C.-H. Chen(2007).Mutual authentication protocol for RFID conforming to EPC Class 1 Generation 2 standards.Computer Standards & Interfaces 29.
  8. H.-Y. Chien,C.-W. Huang(2007).Security of ultra-lightweight RFID authentication protocols and its improvements.ACM SIGOPS Operating Systems Review,41(4),83-86.
  9. J. Yang,J. Park,H. Lee,K. Ren,K. Kim(2005).ECRYPT Workshop on RFID and Lightweight Crypto.Graz, Austria.
  10. K. Yuksel(2004).Dept. of Electronical Engineering, WPI.
  11. L. Batina,J. Guajardo,T. Kerins,N. Mentens,P. Tuyls,I. Verbauwhede(2007).Public-Key Cryptography for RFID-Tags.Proceedings of the Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops (PerComW`07)
  12. P. Peris-Lopez,J.C. Hernandez-Castro,J.M. Estevez-Tapiador,A. Ribagorda(2006).M2AP: A Minimalist Mutual-Authentication Protocol for Low- Cost RFID Tags.Proc. Int`l Conf. Ubiquitous Intelligence and Computing (UIC`06)
  13. S. Karthikeyan,M. Nesterenko(2005).RFID security without extensive cryptography.Proceedings of the 3rd ACM Workshop on Security of Ad Hoc and Sensor Networks.
  14. S. Mangard,M. Aigner,S. Dominikus(2003).A highly regular and scalable AES hardware architecture.IEEE Trans. Comput.,52(4),483-491.
  15. S.-A. Weis,S.-E. Sarma,R.-L. Rivest,D.-W. Engels(2004).Proc. of the 1st Security in Pervasive Computing.LNCS.
  16. T. Li,G. Wang(2007).Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols.Proc. 22nd IFIP TC-11 Int`l Information Security Conf..
  17. Y.-K. Lee,I. Verbauwhede(2005).International Workshop on Adaptive Wireless Networks-AWiN.Missouri, USA:Saint Louis.
print cancel