| Summary: | 碩士 === 明新科技大學 === 資訊管理研究所 === 97 === In recent years, RFID (Radio Frequency Identification) has been widely applied in many fields to identify or track objects. As its deployment costs reduced and applicable functions extended, RFID is gradually replacing the traditional bar code systems, giving RFID great potential in development.
As RFID identifies by radio frequency signals, attackers may eavesdrop RFID communications or use illegal readers for arbitrary reading, and thus creating privacy and security concerns. With significant drop in cost, RFID is expected to be universally used in our daily lives. Consumers may carelessly discard objects with embedded tags after use, which may be easily obtained by attackers. Then, the attackers may compromise the data stared in the tags and identify transaction records of the tags from back-end database to track them or their holders. Therefore, forward secrecy will become a major topic of RFID in the near future.
The security protocols proposed in recent literature all rely on updating the shared key of the back-end database and the tag after each reading to achieve forward secrecy. The updated methods are categorized into three types: hash chain, pseudo-random number generator and other methods. However, the computing power and capacity of the tags conforming to the new global standard, EPC Class 1 Generation 2, are limited, so hash functions and other complex computations are not supported. The solutions proposed for the standard have their security problems. Thus, this study aims to discuss the forward secrecy of RFID, analyze the existing security mechanisms and propose a lightweight protocol to effectively promote RFID application security, allowing consumers to enjoy the technological convenience brought by RFID.
|
|---|
