Abstract
Recently, RFID system is a main technology to realize ubiquitous computing environments, but the feature of the RFID system may bring about various privacy problems. So, many kinds of protocols to resolve these problems have been researched. In this paper, we analyze the privacy problems of the previous protocols and propose more secure and effective authentication protocol to protect user’s privacy. Then we analyze the security and effectiveness of the proposed protocol comparing with the previous protocols. The proposed protocol is based on Challenge-Response using one-way hash function and random number. The proposed protocol is secure against the replay the attack, spoofing attack and so on. In addition, the proposed protocol is fitted for distributed database environment.
This work was supported by the University IT Research Center Project funded by the Korean Ministry of Information and Communication.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Associated Press, Benetton undecided on use of ‘smart tags’ , April 8 (2003)
Auto-ID Center, 860MHz-960MHz Class I Radio Frequency Identification Tag Radio Frequency and Logical Communication Interface Specification Recommended Standard, Version 1.0.0, Technical Report MIT-AUTOID-TR007 (2002)
Auto-ID Center, 860MHz-930MHz Class 0 Radio Frequency Identification Tag Protocol Specification Candidate Recommendation, Version 1.0.0, Technical Report MIT-AUTOID-TR016 (2003)
CNET, Wal-Mart cancels ‘smart shelf’ trial (July 2003), http://www.cnet.com
EAN International and the Uniform Code Council, http://www.ean-int.org
EPCglobal, EPC Tag Data Standards Version 1.1 Rev.1.24, http://www.epcglobalinc.org
Federal Information Processing Standards (FIPS), Secure Hash Standard (SHA-1), Technical Report 180-1, National Institute of Standards and Technology(NIST), April 1995, supersedes FIPS PUB 180 (1993)
Finkenzeller, K.: RFID Handbook. John Wiley and Sons, Chichester (2003)
Henrici, D., Müller, P.: Hash-based Enhancement of Location Privacy for Radio-Frequency Identification Devices using Varying Identifiers. In: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW 2004), pp. 149–153. IEEE, Los Alamitos (2004)
Juels, A., Pappu, R.: Squealing euros: Privacy protection in RFID-enabled banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003)
Juels, A., Rivest, R.L., Szydlo, M.: The Blocker Tag: Selective Blocking of RFID Tags for consumer Privacy. In: Proceedings of 10th ACM Conference on Computer and Communications Security, CCS 2003, pp. 103–111 (2003)
Mao, W.: Modern Cryptography Theory and Practice. Prentice Hall PTR, Englewood Cliffs (2004)
mCloak: Personal/corporate management of wireless devices and technology (2003), http://www.mobilecloak.com
Ohkubo, M., Suzuki, K., Kinoshita, S.: Hash-Chain Based Forward-Secure Privacy Protection Scheme for Low-Cost RFID. In: Proceedings of the SCIS 2004, pp. 719–724 (2004)
Rivest, R.L.: The MD5 Message Digest Algorithm. Technical Report RFC 1321, MIT Lab for Computer Science and RSA Laboratories (April 1992)
Sarma, S., Brock, D.L., Ashton, K.: The Networked Physical World Proposals for Engineering the Next Generation of Computing, Commerce and Automatic-Identification., Technical Report MIT-AUTOID-WH-001 (2001)
Sarma, S.: Towards the 5 cent Tag, Technical Report MIT-AUTOID-WH-006 (2001)
Sarma, S.E., Weis, S.A., Engels, D.W.: RFID systems, Security and Privacy Implications., White Paper MIT-AUTOID-WH-014, MIT AUTO-ID CENTER (2002)
Sarma, S.E., Weis, S.A., Engels, D.W.: RFID systems and security and privacy implications. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 454–469. Springer, Heidelberg (2003)
Sarma, S.E., Weis, S.A., Engels, D.W.: Radio-Frequency Identification: Secure Risks and Challenges. RSA Laboratories Cryptobytes 6(1), 2–9 (Spring 2003)
Weis, S.A.: Security and Privacy in Radio-Frequency Identification Devices. MS Thesis. MIT, Cambridge (2003)
Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 201–212. Springer, Heidelberg (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Rhee, K., Kwak, J., Kim, S., Won, D. (2005). Challenge-Response Based RFID Authentication Protocol for Distributed Database Environment. In: Hutter, D., Ullmann, M. (eds) Security in Pervasive Computing. SPC 2005. Lecture Notes in Computer Science, vol 3450. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-32004-3_9
Download citation
DOI: https://doi.org/10.1007/978-3-540-32004-3_9
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-25521-5
Online ISBN: 978-3-540-32004-3
eBook Packages: Computer ScienceComputer Science (R0)