Presentation is loading. Please wait.

Presentation is loading. Please wait.

- 1 - Secure and Serverless RFID Authentication and Search Protocols Chiu C. Tan, Bo Sheng, and Qun Li IEEE Transactions on Wireless Communication APRIL.

Published byMarion Kennedy Modified over 9 years ago

Similar presentations

Presentation on theme: "- 1 - Secure and Serverless RFID Authentication and Search Protocols Chiu C. Tan, Bo Sheng, and Qun Li IEEE Transactions on Wireless Communication APRIL."— Presentation transcript:

1 - 1 - Secure and Serverless RFID Authentication and Search Protocols Chiu C. Tan, Bo Sheng, and Qun Li IEEE Transactions on Wireless Communication APRIL 2008 Taesung Kim 2008.09.11

2 - 2 - Contents Abstract Introduction Related Work RFID Privacy and Security RFID Authentication RFID Search

3 - 3 - Introduction What is Radio Frequency Identification? Tag Antenna Reader

4 - 4 - Introduction Solution for RFID Security and Privacy problem –Central database model –Three players in this model RFID reader, tag, database – 리더와 태그의 상호인증에 database 에 저장된 인증정보를 이용 –Database 와 연결이 없는 오프 사이트 위치에 있는 리더는 태그의 정보를 볼 수 없다. Simple alternative –Downloading database to reader –Mobile reader can be stolen. –An adversary will have access to information which include unique tag id and password. –The adversary can make fake tag based on this information.

5 - 5 - Introduction This paper suggest –Security protection as the central database model without persistent connection to the database. RFID searching problem –Single reader, multiple tag 상황에서 특정 tag 의 정보를 검색하 는 경우. –Authenticating each tag one at a time is a time consuming process. This paper suggest several solutions for RFID searching problem.

6 - 6 - Related Work Weis –randomized hash lock –Tag reply to reader query (r, ID ⊕ f k (r)) –where r is a random number generated by the tag, –k is the tag’s secret key –and f k is a pseudorandom function. A secure database searches the ID/secret key, then the real tag ID returned to reader. Molnar and Wagner –Randomized hash lock scheme does not defend against an eavesdropper. –Reader 가 secret key 를 알고 있다고 가정 –Reader 와 tag 가 각각 random number 를 만들고 교환한다.

7 - 7 - Related Work –Tag reply ID ⊕ f k (0, r1, r2) –Compromised reader problem. Dimitriou –Tag reply (h(ID i ), nt, h IDi (nt, nr)) –where ID i is the tag secret. –nt, nr are both random nubers generated by tag and reader Database return h IDi+1 (nt, nr) The tag update its screct ID i+1

8 - 8 - RFID Authentication Notations CA Trusted party, responsible for authenticating readers and deploying tags RiRi RFID reader i riri id for RFID reader R i LiLi access list for RFID reader R i n number of entries in L i TiTi RFID tag i id i id for RFID tag T i titi secret for RFID tag T i h(x) one-way hash function f(x,y) Concatenate x and y, then applying h(.), h(x||y) l number of bits of hash h(.) m CA defined number of bits, m < l

9 - 9 - RFID Authentication Set up –R obtains r and L from a certificate authority, CA. –Tag, T contains a unique value id, a unique secret t. –Access List L i

10 - 10 - RFID Authentication Authentication Protocol

11 - 11 - RFID Search 특정 태그를 찾고자 할 때 Reader issues a search request such that only authenticated tag can understand. The tag reply in such that only an authenticated reader can understand.

12 - 12 - RFID Search Secure search protocol

13 - 13 - RFID Search Search protocol improvement –Tag remember the last used random number.

14 - 14 - RFID Search Search protocol improvement –A challenge and response method

15 - 15 - RFID Search Search protocol improvement –A noise to mask the reply

16 - 16 - Thank you!

Download ppt "- 1 - Secure and Serverless RFID Authentication and Search Protocols Chiu C. Tan, Bo Sheng, and Qun Li IEEE Transactions on Wireless Communication APRIL."

Similar presentations

Mitigate Unauthorized Tracking in RFID Discovery Service Qiang Yan 1, Robert H. Deng 1, Zheng Yan 2, Yingjiu Li 1, Tieyan Li 3 1 Singapore Management University,

Mitigate Unauthorized Tracking in RFID Discovery Service Qiang Yan 1, Robert H. Deng 1, Zheng Yan 2, Yingjiu Li 1, Tieyan Li 3 1 Singapore Management University,
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
1 Security in Wireless Protocols Bluetooth, 802.11, ZigBee.

1 Security in Wireless Protocols Bluetooth, , ZigBee.
KAIS T Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys07 2007.

KAIS T Message-In-a-Bottle: User-Friendly and Secure Key Deployment for Sensor Nodes Cynthia Kuo, Mark Luk, Rohit Negi, Adrian Perrig(CMU), Sensys
A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.

A Simple and Cost-effective RFID Tag-Reader Mutual Authentication Scheme Divyan M. Konidala, Zeen Kim, Kwangjo Kim {divyan, zeenkim, International.
Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.

Serverless Search and Authentication Protocols for RFID Chiu C. Tan, Bo Sheng and Qun Li Department of Computer Science College of William and Mary.
AUTHENTICATION APPLICATIONS - Chapter 14 Kerberos X.509 Directory Authentication (S/MIME)

AUTHENTICATION APPLICATIONS - Chapter 14 Kerberos X.509 Directory Authentication (S/MIME)
Achieving Better Privacy Protection in WSNs Using Trusted Computing Yanjiang YANG, Robert DENG, Jianying ZHOU, Ying QIU.

Achieving Better Privacy Protection in WSNs Using Trusted Computing Yanjiang YANG, Robert DENG, Jianying ZHOU, Ying QIU.
Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.

Public-key based. Public-key Techniques based Protocols –may use either weak or strong passwords –high computation complexity (Slow) –high deployment.
A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.

A lightweight mutual authentication protocol for RFID networks 2005 IEEE Authors : Zongwei Luo, Terry Chan, Jenny S. Li Date : 2006/3/21 Presented by Hung.
1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.

1 Dynamic Key-Updating: Privacy- Preserving Authentication for RFID Systems Li Lu, Lei Hu State Key Laboratory of Information Security, Graduate School.
Security in RFID Presented By… NetSecurity-Spring07

Security in RFID Presented By… NetSecurity-Spring07
Authentication. Terminology  Authentication التثبت من الهوية  Access Control (authorization) التحكم في الوصول  Note the difference between the two.

Authentication. Terminology  Authentication التثبت من الهوية  Access Control (authorization) التحكم في الوصول  Note the difference between the two.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
RFID Security and Privacy Part 2: security example.

RFID Security and Privacy Part 2: security example.
Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.

Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems Stephen A. Weis, Sanjay E. Sarma, Ronald L. Rivest and Daniel W. Engels.
1 電子商務代理人與無線射頻系統上安全設計之研究 The Study of Secure Schemes on Agent-based Electronic Commerce Transaction and RFID system 指導教授 : 詹進科 教授 (Prof. Jinn-Ke Jan) 陳育毅.

1 電子商務代理人與無線射頻系統上安全設計之研究 The Study of Secure Schemes on Agent-based Electronic Commerce Transaction and RFID system 指導教授 : 詹進科 教授 (Prof. Jinn-Ke Jan) 陳育毅.
#1 Privacy in pervasive computing What can technologists do? David Wagner U.C. Berkeley In collaboration with David Molnar, Andrea Soppera, Ari Juels.

#1 Privacy in pervasive computing What can technologists do? David Wagner U.C. Berkeley In collaboration with David Molnar, Andrea Soppera, Ari Juels.
YA-TRAP: Yet Another Trivial RFID Authentication Protocol Gene Tsudik International Conference on Pervasive Computing and Communications, PerCom 2006.

YA-TRAP: Yet Another Trivial RFID Authentication Protocol Gene Tsudik International Conference on Pervasive Computing and Communications, PerCom 2006.
RFID in Mobile Commerce and Security Concerns Chassica Braynen April 25, 2007.

RFID in Mobile Commerce and Security Concerns Chassica Braynen April 25, 2007.

Similar presentations

Ads by Google