1. 1 Secure and Serverless RFID Authentication and Search Protocols Authors: Chiu C. Tan, Bo Sheng, and Qun Li Sources: IEEE Transaction on Wireless Communication, vol. 7, no. 4, pp. 1400-1407, 2008 Speaker: C. H. Wei Date: 2009.10.1

2. 2 Outline The problem Authentication protocol Secure search protocol Conclusion Comments

3. 3 The Problem Traditional RFID System is based on Central database. –It is not useful in other scenario –The truck driver is unable to connect with the central database to authenticate the goods Serverless( 無主機 ) RFID

4. 4 CA (Certificate Authority) ReaderTag Secure channel Insecure channel

5. 5 Authentication Protocol

6. 6 Security Analysis Basic Privacy –Assume that adversary has a list of targeted RFID tags –Tag generates a new response at each time – Adversary cannot identify which RFID tag is on his list Tracking –Adversary cannot predict the random n j generated each time

7. 7 Security Analysis (cont.) Cloning –Adversary want to replace a fake RFID tag –Adversary cannot predict n i Eavesdropping –Adversary learns r i, n i, n j, –Adversary does not know ;therefore, it cannot derive the correct hash result

8. 8 Security Analysis (cont.) Physical attack –Adversary compromises the reader Attacker know the contents of L i The goal is to prevent attacker counterfeit tag that can fool another reader –Adversary compromises the Tag Attacker know any information that reader passes to tag The goal is to prevent attacker creating another tag that can fool reader

9. 9 Denial of Service (DoS) –Adversary sends a large number of requests to the backend server to overwhelm the server. Reader only needs to contact the server once to obtain an access list. Security Analysis (cont.)

10. 10 Secure search protocol A pharmacist wanting to find a particular drug can broadcast his query and receive an answer

11. 11 Search protocol improvement Ⅰ To force the reader use a different random number n r for each new query

12. 12 Search protocol improvement Ⅱ To avoid the condition where replying to a query can be used to identify a tag Multiple tags share the same m bits, attacker cannot infer any unique information from the reply

13. 13 Search protocol improvement Ⅲ The solution is to use noise to mask the reply

14. 14 Comments 解決的問題 – 傳統的 RFID 都是有線連結後端資料庫 – 實際在應用上，可能的情況有貨車司機被派遣到 遠距離的地區去收集附加 tag 的資料，貨車司機 有 2 用功能的機器 (PDA 和 RFID Reader) ，但無法 上網連結後端資料庫確認 tag 的資訊 – 此論文建議的方法讓 Reader 可以儲存資訊，即使 無法連線，只馮 Reader 也可以確認 tag 是否合法

15. 15 Comments Advantage –Serverless RFID 的概念，在現實環境中確實是有需 要 – 本篇的解法把原本存在 Server 端資料，透過可靠的 certificate authority (CA) copy 一份在 reader Disadvantage – 本篇所建議的 secure authentication protocol 是假設 reader 和 tag 之間是 insecure ，和之前學者研究的傳統 RFID 的 authentication protocol 並無差別 – 無法抵抗 Tracking 因為每次傳送的 都一樣

16. 16 Comments Mobile RFID – 無法連結上網 ( 將資料庫存在 mobile reader) 假設 insecure channel between the reader and the tag 任何人拿到 mobile reader 都可以去讀取資料，因此 確認 user 的身份變的重要 除了預先將資料庫儲存在 mobile reader ，要使用 mobile reader 要先輸入 password 再進行讀取 tag 的 動作

17. 17 Comments Mobile RFID – 無線網路連結上網 假設 insecure channel between the server and the reader 和 insecure channel between the reader and the tag Mobile RFID reader, tag 和 Sensor node, 基地台有 點相似，都是需要 lightweight computation 和無線傳 輸，可以改良 wireless sensor network 相關安全機 制 是否也可以考慮 smart card + mobile reader –Registration phase –Login phase –Verification phase