研究期間:10108~10207;Radio frequency identification (RFID) system is vulnerable to various attacks, since data transmission between the reader and tags is based on wireless communication. Typical attacks are forged-reader attack, forged-server attack, man-in-the-middle attack, tracking attack, replay attack, forward secrecy attack and denial of service attack, etc. Some methods like Karthikeyan-Nesterenko’s scheme, Chien-Chen’s scheme, Chien’s scheme, Lo-Yeh's scheme, and Sun-Ting-Wang's scheme have been proposed to resist the attacks. They still have some flaws, though. This project is intended to develop a mutual authentication protocol between the reader and tags conforming EPC Class 1 Generation 2 (EPC C1G2) standard to resist the attacks just mentioned. The challenge is that EPC C1G2 tags have limited memory and can perform only ultralightweight operations like random number generation, pseudo random number generator (PRNG) and exclusive-or (XOR) operator. We plan to make the reader and tags first register with a server to obtain symmetric keys and pseudo IDs for later communications. We then plan to realize the protocol by using proactively changing symmetric keys (one for communication, and the other for authentication) and pseudo IDs and by embedding a random number in every message sent between the reader and a tag to resist the above-mentioned attacks. We will conduct thorough security analysis for the developed protocol and comprehensively compare it with other related methods to demonstrate it is indeed better than others.
