| Radio Frequency Identification (RFID) is a non-contact automatic identificationtechnology by radio frequency identification, which works in open environment. RFIDhas been widely used in the field like enterprise supply chain management, animaltracking and identifying, digital library management, transport and logisticsmanagement. Regarded as an important support technology for pervasive computing, itmakes great contribution to our lives and improves the manage efficiency. However,some security risk and potential privacy issues in RFID system exist because of thesefactors such as insecurity communication link between the electronic tag and reader, andthe flaw of the RFID tag access protocol and the internal security risk in the reader.Aimed at the characteristics of mobility and the constrained tags resource, thedesign and implementation a secure low computation and practical securityauthentication protocol is the core problem of the RFID system. This thesis intends toexplore and research methods to enhance the security and privacy for the low-cost RFIDtags by RFID security authentication protocol, where the core content is to protect theinformation privacy for the resource-constrained low-cost RFID tags.The main contribution and innovation of this thesis is shown as follows:(1) An improved protocol named WISP+is proposed. Security attacks are revealedon the protocol WISP after the analysis for the security and performance. Aiming at thereader impersonation attacks and man-in-the-middle attack in WISP, asecurity-enhanced protocol WISP+based on it is proposed. The improved protocolachieves mutual authentication between the back-end server and the tag, and caneffectively resist to counterfeit attack and man-in-the-middle attack.(2) A novel protocol TMAP is proposed. Aiming at the timing attack for timestampbased protocols and over-idealized environment consumption problem for most RFIDprotocols, this thesis proposes a novel RFID security authentication protocol for mobileenvironment TMAP. The new protocol is based on monotonically increasing timestamp,which uses the flag to mark the last session success or not and utilize the Hash functionto encrypt the message. The protocol TMAP can guarantee the forward security and resist the common attacks such as the impersonation attack for the reader and the tag,the replay attack, tracing attack, the asynchronous attack and the timing attack. TMAP isalso suitable for the low-cost RFID system because of the low computation in the tags.Our work is significant in increasing the security and privacy for RFID taginformation, as well as promoting the large-scale application in more fields for RFIDsystem. |
PDF Full Text Request