Research On Security Protocols For RFID Systems

Along with radio frequency identification (RFID) technology continuous improvement in the coming months and years, the applied range of RFID is increasing daily. The whole social dependence on it becomes more and more advanced, so the benefits of attack to it will become more and more signifi-cant. Then the increasing harm to society and application market is also in-evitable. Due to the original designers of RFID development and application staff did not consider security issue, some phenomenon frequent appears, such as electronic tags malicious damage, smart cards copy, fake mobile payment terminals’identity, and so on. Even more serious is military secrets, confiden-tial business and personal information in the RFID system may be burgled and used. This is bound to cause incalculable losses on the states, collectives and individuals. People had to accept the fact that security has become a bottleneck of restricting the development of RFID. Safety issues of the RFID system urgent need to be addressed.In recent years, many new methods have been proposed to improve RFID systems’security and privacy protection, which mainly reflected in two aspects of the physical protection and protocol security. Due to the high cost, serious de-struction, the need for additional device support and other weaknesses, physical mechanism has not been widely adopted. To the contrary, safety protocols based on cryptography technology has obtained a more extensive research and applica-tion. However, when these protocols achieved a specific security objective, their own security or privacy protection also has been extensively analyzed. Unfortu-nately, most existing protocols have some security and efficiency problems, such as the cryptography algorithm is weak, the back-end server computing burden is heavy, the mechanism of security protocol is irrational, and so on. In order to solve these problems, security protocols of RFID systems is researched in this thesis. Specific research contents and innovation can be summarized as follows:(1) Research on elliptic curve cryptography (ECC) based mutual authen-tication protocols. By research elliptic curve public key cryptography security features, and its efficiency and the possibility of realization in the RFID, we first researched tags and readers with no shared key security mechanism. And we proposed a mutual authentication protocol for RFID system. This protocol can achieve mutual authentication between tags and readers, in the case of not re-quiring exhaustive calculation, achieving identification tags’identity. Based on the security of ECC, the proposed protocol has a high operating efficiency, and obtains a good balance between efficiency and security.(2) Research on mobile RFID mutual authentication protocols. With the widespread use of mobile devices, security and privacy challenges in mobile R-FID environment has attracted much attention. Due to the use of wireless com-munication between the reader and the back-end server, that is, mutual authen-tication can be understood as the mutual authentication of among tags, readers and back-end server. In this thesis, we proposed an ECC-based mutual authenti-cation protocol for mobile RFID environment. In order to ensure the efficiency of protocol, no shared key mechanism has been used. At the same time, a new data transmission method for reader and back-end server has been proposed, us-ing this method, not only could ensure the data transmission security, but also the reader can recover the tag data from the received information.(3) Research on tag search protocols. In a sense, tag search protocol is an extension of the authentication protocol. The former is designated specified ob-ject authentication, the latter is undesignated object. Tag search protocol allows the reader to detect whether a specific tag existence among multiple tags or not, mainly be used in mobile RFID environment. In this thesis, a new server-less tag search protocol which uses timestamp technology against replay attacks is proposed. Taking into account it is unrealistic that set a clock device in the tag side, we give a new the fresh of timestamp verification method. Meanwhile, using the GNY logic formal proves show that the departure from the assump- tions of the protocol, the protocol goals set in advance can be achieved after the operation.(4) Research on distance bounding protocols. Distance bounding protocols is the best countermeasure against relay attacks, and it must be tightly integrated into the physical layer of the RFID system. For distance measurement, how to improve the resistance ability to relay attacks (including distance fraud, mafia fraud and terrorist fraud), from the challenge, response bit and key relationship point of view to set a reasonable logical system, it has played a key role in pro-moting against all relay attacks and achieved ideal security bound. Therefore, in the distance bounding protocols model, which based on the round trip time (RTT) of a bitwise challenge and response measure, we pay more attention to how key bits participated in fast bit exchange in this thesis.First, considered the quality of the radio channel, the correctness of the val-ue of bits in the rapid exchange phase needs to be validated. Based on the final signature mechanism, we proposed a new distance bounding protocol, which the bit complement thought is the first time applied to select response bit in the fast phase. Using this method, our protocol can achieve the ideal security level against for the false acceptance rate of distance fraud and mafia fraud. In addi-tion, the protocol’s operating efficiency be improved by updating tag’s identify in the end of protocol each.Secondly, in order to ensure the distance bounding protocol without the final signature can against terrorist fraud attacks, and achieve a good balance for the false acceptance rate of some attacks, an enhanced security distance bounding protocol without the final signature is proposed in this thesis. Our protocol is different in following sense,1) for restricting the computation capabilities of the prover, an unconditionally secure method has been used to deliver random num-ber from the verifier to the prover in slow phase. Thus, our protocol achieves the ideal security level (1/2)n when considering a distance fraud, the best result for other protocols is (3/4)n.2) two bits mixed challenges is used. For decreas-ing the success probability of these fraud attacks, we use two bits challenges that the verifier sending00,01,10or11. At the same time, the shared secret key bits are also required to participate in the generation of the response bit val-ue. Analysis shows that, the proposed protocol can prevent three fraud attacks simultaneously, and has a low false acceptance rate.