一個基於Strongly 2-Universal Hash Functions的RFID安全認證協定

Abstract

無線射頻辨視(Radio Frequency Identification, 簡稱RFID)技術是近年來十分熱門的無線辨視技術之一。因其大幅地改善作業的效率，因此廣受各方的注目。依據不同的應用環境，此系統的組成會有些許差異，但基本上皆是由一個發送信號的讀取器(RFID讀取器)、接收訊號的感應器(RFID標籤)、以及儲存所有標籤資料的後端資料庫所組成。讀取器藉由無線射頻的方式接收標籤回復的資料，再傳送到遠端資料庫，在物流應用方面，可使得商品追蹤、來源驗證、倉儲管理等等更加有效率。近年來，許多國際知名大廠商紛紛開始推動RFID取代傳統商品的條碼。與傳統的條碼相較起來，RFID標籤具有多項優越性，例如資料儲存量大、可覆寫、讀取速度快等等。然而，RFID標籤仍無法完全普及的原因之一在於這種自動無線辨視系統可能造成隱私權的侵犯。 因此，如何確保在RFID 系統的傳輸資料安全便成為一個重要的課題。在本論文中，我們提出ㄧ套可應用於被動式RFID標籤的安全協定。透過此完整之安全協定機制可達到保護個人隱私及防止他人惡意攻擊的目的。 在RFID安全認證方面，近來已有許多專家學者提出相關的研究報告與論文。本篇論文主要是針對RFID的安全認證，提出利用Strongly 2-Universal Hash Functions (SUHF)的方法來保障傳輸資料的安全。因SUHF有其獨特的特性，我們將利用它的特性達到一定的計算安全性(computational security)，並且利用SVO邏輯驗證說明系統的安全性及保密性。

Radio Frequency Identification (RFID) system has been popular over the recent ten years. This wireless technology can greatly improve management efficiency in many areas of our lives. In general, an RFID system is composed of three parts, a transceiver (a reader), a transponder (a tag) and a backend database. A transceiver emits RF signals to a transponder, which responds with information about the attached product. Then the reader forwards the tag responses to backend database for object identification. The fast and accurate item information contributes to facilitate the flow of manufacturing and inventory control. However, RFID systems still can not fully penetrate into the market. The reason stems from the security and privacy concerns since RFID tags would respond to RFID reader or being modified without alerting the tag bearer. This property would result in clandestine tracking and tag scanning. Therefore, how to provide a secure mechanism for RFID authentication has been a hot topic for years. In this paper, we propose an RFID authentication scheme based on strongly 2-universal hash functions. We use the special properties of strongly 2-universal hash functions as a way to design such a scheme for achieving computational security. For security analysis, we apply the SVO logic to prove the scheme’s message freshness and authenticity. We also analyze the storage cost and computation cost of the tag T, the reader R and the database D. And a simple simulation program is presented at the end.