學術產出-Theses
Article View/Open
Publication Export
-
題名 一個極輕量級RFID認證協議的安全性分析與改良
Security Analysis and Improvements on an Authentication Protocols in Ultra-Lightweight RFID Systems作者 黃思瑋 貢獻者 左瑞麟
黃思瑋關鍵詞 極輕量級RFID認證協議
複製攻擊
物理不可克隆函數日期 2013 上傳時間 1-Oct-2013 13:47:33 (UTC+8) 摘要 無線射頻識別(RFID)技術是一種無線通訊技術。利用無線電射頻信號,以非接觸的方式,識別特定目標並讀寫相關數據,由後端資料庫系統取得相關資料。因為具備了不需要視覺接觸就能夠遠距離辨識身份和成本低廉的特性,使得這項技術運用在各種領域應用上能帶來前所未有的便利。然而,RFID技術所遇到的最大困難點在於其協定中缺乏隱私保護及資料安全。這使得透過無線訊號傳遞的資料,容易遭受到攻擊者的監聽、掃瞄與追蹤。許多學者為了解決這個問題有提出過許多的方案。其中Bassil等學者於2012年提出基於PUF的輕量級RFID認證方案,此方案可防止被物理克隆攻擊,但此方案所提出之協議仍有安全上的弱點。因此,在此篇論文中,我們基於Bassil等學者提出的方案,分析其安全性漏洞,並在兼顧安全性與低成本的特性下,提出新的基於PUF函數的新的輕量級RFID認證協議。 參考文獻 [1] R. Bassil, W. El-Beaino, W. Itani, A. Kayssi, and A. Chehab. "PUMAP: A PUF-based ultra-lightweight mutual-authentication RFID protocol. " International Journal of RFID Security and Cryptography, 1(1), March (2012)[2] H. Chien. "SASI: A New Ultralight weight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity." IEEE Transactions on Dependable and Secure Computing 4(4)Oct.-Dec. (2007)[3] T.Cao, E. Bertino, and H. Lei.“Security Analysis of the SASI Protocol”.IEEE Transactions on Dependable and Secure Computing (2008).[4] S. Devadas, E. Suh, S. Paral, R. Sowell, T. Ziola, V. Khandelwal, "Design and implementation of PUF-based unclonable RFID ICs for anti-counterfeiting and security applications,” in Proc. IEEE International Conference on RFID, April (2008).[5] A. Eghdamian and A. Samsudin. "A secure protocol for ultralightweight radio frequency identication (RFID) tags. " In Informatics Engineering and Infor-mation Science ICIEIS 2011, volume 251 of Communications in Computer and Information Science , Kuala Lumpur, Malaysia, Springer. November (2011)[6] EPCglobal, http://www.epcglobalinc.org/, 2007.[7] G. Y. Jin, X. Y. Lu, M. S. Park. "An Indoor Localization Mechanism Using Active RFID Tag. " In SUTC, (2006)[8] P. P. Lopez, J. C. H. Castro, J. M. E. Tapiador, and A. Ribagorda. "M2AP: a minimalist mutual-authentication protocol for lowcost RFID Tags. "inProc.International Conference on Ubiquitous Intelligence and Computing (2006)[9] P. P. Lopez, J. C. H. Castro, J. M. E. Tapiador,A. Ribagorda."LMAP: a real lightweight mutual authentication protocol for low-cost RFID Tags." in Proc. Workshop RFID Security.(2006)[10] P. P. Lopez, J. C. H. Castro, J. M. Estevez-Tapiador, and A. Ribagorda. "EMAP: An efficient mutual authentication protocol for low-cost RFID Tags. " Springer-Verlag,In Proc. of IS`06, volume 4277 of LNCS.(2006)[11] P. P. Lopez, J. C. H. Castro, J. M. E. Tapiador,A. Ribagorda. "Advances in Ultralightweight Cryptography for Low-cost RFID Tags: Gossamer Protocol", In Workshop on Information Security Applications, Volume 5379 of LNCS, (2008)[12] T. Li and G. Wang. "Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols", Proc. 22nd IFIP TC-11 Int’1Information Security Conference.(2007)[13] Y. Lee. "Two ultralightweight authentication protocols for low-cost RFID tags. "Applied Mathematics and Information Sciences, 6(2S) May (2012)[14] L. M. Ni, Y.H. Liu, Y.C. Lau, A.P. Patil. "LANDMARC: Indoor location sensing using active RFID: Pervasive computing and communications", Wireless Networks, 10 (6). (2004)[15] M. Ohkubo, K. Suzuki, and S. Kinoshita. "Cryptographic Approach to Privacy-Friendly Tags" RFID Privacy Workshop,November (2003)[16] M. Safkhani, N. Bagheri, M. Naderi, "Security Analysis of a PUF based RFID Authentication Protocol" 704 Cryptology ePrintArchive:Listing for 2011[17] I. Vajda and L. Butty´an, “Lightweight authentication protocols for low-cost RFID Tags,” 2nd Workshop on Security in Ubiquitous Computing (2003)[18] Y. Zhao, Y. Liu, L.M. Ni, "VIRE: active RFID-based localization using virtual reference elimination, " in Proceedings of the 2007 International Conference on Parallel Processing, IEEE, Piscataway, NJ, USA (2007)[19] Y. Zhang, P. kitsos. "Security in RFID and Sensor Networks" Auerbach Publications (2009) 描述 碩士
國立政治大學
資訊科學學系
100753021
102資料來源 http://thesis.lib.nccu.edu.tw/record/#G0100753021 資料類型 thesis dc.contributor.advisor 左瑞麟 zh_TW dc.contributor.author (Authors) 黃思瑋 zh_TW dc.creator (作者) 黃思瑋 zh_TW dc.date (日期) 2013 en_US dc.date.accessioned 1-Oct-2013 13:47:33 (UTC+8) - dc.date.available 1-Oct-2013 13:47:33 (UTC+8) - dc.date.issued (上傳時間) 1-Oct-2013 13:47:33 (UTC+8) - dc.identifier (Other Identifiers) G0100753021 en_US dc.identifier.uri (URI) http://nccur.lib.nccu.edu.tw/handle/140.119/61202 - dc.description (描述) 碩士 zh_TW dc.description (描述) 國立政治大學 zh_TW dc.description (描述) 資訊科學學系 zh_TW dc.description (描述) 100753021 zh_TW dc.description (描述) 102 zh_TW dc.description.abstract (摘要) 無線射頻識別(RFID)技術是一種無線通訊技術。利用無線電射頻信號,以非接觸的方式,識別特定目標並讀寫相關數據,由後端資料庫系統取得相關資料。因為具備了不需要視覺接觸就能夠遠距離辨識身份和成本低廉的特性,使得這項技術運用在各種領域應用上能帶來前所未有的便利。然而,RFID技術所遇到的最大困難點在於其協定中缺乏隱私保護及資料安全。這使得透過無線訊號傳遞的資料,容易遭受到攻擊者的監聽、掃瞄與追蹤。許多學者為了解決這個問題有提出過許多的方案。其中Bassil等學者於2012年提出基於PUF的輕量級RFID認證方案,此方案可防止被物理克隆攻擊,但此方案所提出之協議仍有安全上的弱點。因此,在此篇論文中,我們基於Bassil等學者提出的方案,分析其安全性漏洞,並在兼顧安全性與低成本的特性下,提出新的基於PUF函數的新的輕量級RFID認證協議。 zh_TW dc.description.tableofcontents Table of contentsCHAPTER 1 INTRODUCTION 11.1.1 RFID INTRODUCTION 11.1.2 RFID APPLICATIONS 11.1.3 RFID CLASSIFICATIONS 21.2 RESEARCH MOTIVATION 41.3 RESEARCH PURPOSE AND CONTRIBUTION 51.4 OVERVIEW 6CHAPTER 2 CLASSIFICATION AND SECURITY ANALYSIS OF RFID COMMUNICATION PROTOCOL 72.1 CLASSIFICATION OF COMMUNICATION PROTOCOL 72.2 RFID COMMUNICATION PROTOCOL MUST HAVE SECURITY AND PRIVACY 8CHAPTER 3 ULTRA-LIGHTWEIGHT RFID COMMUNICATION PROTOCOL 123.1 UMAP FAMILY 123.1.1 M2AP 133.1.2 LMAP 183.1.3 EMAP 233.1.4 Security Analysis of UMAP family 283.2 SASI 293.2.1 Basic Assumptions of SASI 293.2.2 SASI Ultra-lightweight RFID Communication Protocol 303.2.3 Security Analysis of SASI 353.3 PHYSICAL ANALYTIC CLONING ATTACK 36CHAPTER 4 PUMAP ULTRA-LIGHTWEIGHT RFID COMMUNICATION PROTOCOL 374.1 PHYSICAL UNCLONABLE FUNCTION 374.1.1 Arbiter PUF 374.2 PUMAP 394.2.2 Basic Assumptions of PUMAP 394.2.3 PUMAP Ultra-lightweight RFID Communication Protocol 404.2.4 Security Analysis of PUMAP 44CHAPTER 5 OUR ULTRA-LIGHTWEIGHT RFID COMMUNICATION PROTOCOL 455.1 BASIC ASSUMPTIONS OF OUR PROTOCOL 455.2 OUR ULTRA-LIGHTWEIGHT RFID COMMUNICATION PROTOCOL 475.3 SECURITY ANALYSIS OF OUR PROTOCOL 51CHAPTER 6 CONCLUSION 54CHAPTER 7 REFERENCES 55 zh_TW dc.format.extent 696114 bytes - dc.format.mimetype application/pdf - dc.language.iso en_US - dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0100753021 en_US dc.subject (關鍵詞) 極輕量級RFID認證協議 zh_TW dc.subject (關鍵詞) 複製攻擊 zh_TW dc.subject (關鍵詞) 物理不可克隆函數 zh_TW dc.title (題名) 一個極輕量級RFID認證協議的安全性分析與改良 zh_TW dc.title (題名) Security Analysis and Improvements on an Authentication Protocols in Ultra-Lightweight RFID Systems en_US dc.type (資料類型) thesis en dc.relation.reference (參考文獻) [1] R. Bassil, W. El-Beaino, W. Itani, A. Kayssi, and A. Chehab. "PUMAP: A PUF-based ultra-lightweight mutual-authentication RFID protocol. " International Journal of RFID Security and Cryptography, 1(1), March (2012)[2] H. Chien. "SASI: A New Ultralight weight RFID Authentication Protocol Providing Strong Authentication and Strong Integrity." IEEE Transactions on Dependable and Secure Computing 4(4)Oct.-Dec. (2007)[3] T.Cao, E. Bertino, and H. Lei.“Security Analysis of the SASI Protocol”.IEEE Transactions on Dependable and Secure Computing (2008).[4] S. Devadas, E. Suh, S. Paral, R. Sowell, T. Ziola, V. Khandelwal, "Design and implementation of PUF-based unclonable RFID ICs for anti-counterfeiting and security applications,” in Proc. IEEE International Conference on RFID, April (2008).[5] A. Eghdamian and A. Samsudin. "A secure protocol for ultralightweight radio frequency identication (RFID) tags. " In Informatics Engineering and Infor-mation Science ICIEIS 2011, volume 251 of Communications in Computer and Information Science , Kuala Lumpur, Malaysia, Springer. November (2011)[6] EPCglobal, http://www.epcglobalinc.org/, 2007.[7] G. Y. Jin, X. Y. Lu, M. S. Park. "An Indoor Localization Mechanism Using Active RFID Tag. " In SUTC, (2006)[8] P. P. Lopez, J. C. H. Castro, J. M. E. Tapiador, and A. Ribagorda. "M2AP: a minimalist mutual-authentication protocol for lowcost RFID Tags. "inProc.International Conference on Ubiquitous Intelligence and Computing (2006)[9] P. P. Lopez, J. C. H. Castro, J. M. E. Tapiador,A. Ribagorda."LMAP: a real lightweight mutual authentication protocol for low-cost RFID Tags." in Proc. Workshop RFID Security.(2006)[10] P. P. Lopez, J. C. H. Castro, J. M. Estevez-Tapiador, and A. Ribagorda. "EMAP: An efficient mutual authentication protocol for low-cost RFID Tags. " Springer-Verlag,In Proc. of IS`06, volume 4277 of LNCS.(2006)[11] P. P. Lopez, J. C. H. Castro, J. M. E. Tapiador,A. Ribagorda. "Advances in Ultralightweight Cryptography for Low-cost RFID Tags: Gossamer Protocol", In Workshop on Information Security Applications, Volume 5379 of LNCS, (2008)[12] T. Li and G. Wang. "Security Analysis of Two Ultra-Lightweight RFID Authentication Protocols", Proc. 22nd IFIP TC-11 Int’1Information Security Conference.(2007)[13] Y. Lee. "Two ultralightweight authentication protocols for low-cost RFID tags. "Applied Mathematics and Information Sciences, 6(2S) May (2012)[14] L. M. Ni, Y.H. Liu, Y.C. Lau, A.P. Patil. "LANDMARC: Indoor location sensing using active RFID: Pervasive computing and communications", Wireless Networks, 10 (6). (2004)[15] M. Ohkubo, K. Suzuki, and S. Kinoshita. "Cryptographic Approach to Privacy-Friendly Tags" RFID Privacy Workshop,November (2003)[16] M. Safkhani, N. Bagheri, M. Naderi, "Security Analysis of a PUF based RFID Authentication Protocol" 704 Cryptology ePrintArchive:Listing for 2011[17] I. Vajda and L. Butty´an, “Lightweight authentication protocols for low-cost RFID Tags,” 2nd Workshop on Security in Ubiquitous Computing (2003)[18] Y. Zhao, Y. Liu, L.M. Ni, "VIRE: active RFID-based localization using virtual reference elimination, " in Proceedings of the 2007 International Conference on Parallel Processing, IEEE, Piscataway, NJ, USA (2007)[19] Y. Zhang, P. kitsos. "Security in RFID and Sensor Networks" Auerbach Publications (2009) zh_TW
