| 摘要: | 近年來無線射頻識別 (Radio Frequency Identification, RFID) 技術蓬勃發展,不同於傳統的條碼管理系統容易受到污損,且條碼需在目視可及的範圍才可做掃描的動作,RFID標籤易嵌入至各種形狀的物件,價格也越來越低廉,因此大大提升了可用性。近年來RFID的運用,不論是人員的門禁管理系統、購物商場的收費系統、工業製造組裝零件管理系統、醫療病例系統的應用以及倉儲的進銷存管理…等皆日益增多。
本研究中,我們介紹RFID的系統架構及其應用,同時也探討協定認證的相關議題,並針對這些議題做安全分析。相關RFID協定的抵抗能力,如:標籤假冒抵抗、讀取器假冒抵抗、重送攻擊抵抗、標籤追蹤抵抗、前推安全能力的達成、標籤反複製能力、協定雙向驗證能力、非同步攻擊回復、標籤匿名的保護、避免位置隱私曝光、中間人攻擊抵抗能力…等性質,對其安全性進行分析優劣。本篇論文針對Choi等人協定潛在的安全性提出改進方法並做安全分析,最後將提出的方法與相關的論文協定做綜合的安全性比較,使整個認證協定更符合安全期待。
RFID (Radio Frequency Identification) technology has been widely used recent years. A main system is composed of three parts: RFID tags, readers, and a backend server. Because chips are small and antennas are easily made into various shapes, these make RFID systems easy to use. Moreover, RFID systems transmit by wireless and their prices are more and more affordable. They are not like traditional barcode systems which can easily be destroyed and soiled by outside environments. Using traditional barcode systems is not efficient because they have to be used in visual accessible distance to contact objects. Therefore, several of applications of RFID systems are entrance gate control systems, shopping malls charging systems, industrial manufacturing parts management systems, medical applications systems, supply chain management systems, and so on.
Since RFID is communicated by wireless and has limited computing power, it cannot provide complex computations. Therefore, providing efficient and secure authentication schemes becomes an important issue. Many researchers have proposed various authentication schemes for RFID systems. In this thesis, we analyzed and discussed the security problem of these research works. The security problems including the capabilities of tag anonymity, resistance to replaying attack, recovery from de-synchronization attack, resistance to man-in-the-middle attack, resistance to tag impersona¬tion, resistance to reader impersonation, tag anti-cloning and mutual authentication, resistance to tag tracking, avoidance to location privacy disclosure, and providing forward secrecy. We also improved Choi et al.’s authentication scheme and compared the improved scheme with other existing schemes based on the above security features. |
