Outline
- Abstract
- Keywords
- 1. Introduction
- 2. Related Work
- 2.1. Review of Chen Et Al.’s Quadratic Residue Based Mutual Authentication Scheme
- 2.2. Review of Yeh Et Al.’s Improved Quadratic Residue Based Mutual Authentication Scheme
- 2.3. Analysis of Chen Et Al.’s and Yeh Et Al.’s Schemes
- 3. the Proposed Scheme
- 3.1. the Quadratic Residue Property
- 3.2. Collaborative Authentication Scheme Based on Unique Quadratic Residues
- 3.2.1. the Initialization Phase
- 3.2.2. the Collaborative Authentication Phase
- 4. Security Analysis
- 4.1. Security Correctness
- 4.2. the Originality and Uniqueness of X
- 4.3. the Secrecy of X
- 4.4. Security Properties of the Collaborative Authentication Scheme
- 4.5. Comparison with Other Protocols
- 5. Conclusion and Future Work
- Acknowledgement
- References
رئوس مطالب
- چکیده
- کلید واژه ها
- 1. مقدمه
- 2. کارهای مرتبط
- 2.1. مرور طرح تشخیص هویت دوطرفه چن بر مبنای باقیمانده های درجه دو
- 2.2. مرور طرح تشخیص هویت دوطرفه بر مبنای باقیمانده درجه دو بهبود یافته یه و همکاران
- 2.3. بررسی طرح های چن و همکاران و یه و همکاران
- 3. طرح پیشنهادی
- 3.1. ویژگی باقیمانده درجه دوم
- 3.2. طرح اشتراکی تشخیص هویت بر مبنای باقیمانده های درجه دو یکتا
- 3.2.1. فاز آغازین
- 3.2.2. فاز تشخیص هویت اشتراکی
- 4. تحلیل های امنیتی
- 4.1. تصحیحات امنیتی
- 4.2. اصالت و یکتا بودن x
- 4.3. حریم خصوصی x
- 4.4. خواص امنیتی طرح اشتراکی تشخیص هویت
- 4.5. مقایسه با پروتکل های دیگر
- 5. نتیجه گیری و کارهای آینده
Abstract
In this paper we propose a novel approach to authentication and privacy in mobile RFID systems based on quadratic residues and in conformance to EPC Class-1 Gen-2 specifications. Recently, Chen et al. (2008) [10] and Yeh et al. (2011) [11] have both proposed authentication schemes for RFID systems based on quadratic residues. However, these schemes are not suitable for implementation on low-cost passive RFID tags as they require the implementation of hash functions on the tags. Consequently, both of these current methods do not conform to the EPC Class-1 Gen-2 standard for passive RFID tags which from a security perspective requires tags to only implement cyclic redundancy checks (CRC) and pseudo-random number generators (PRNG) leaving about 2.5k–5k gates available for any other security operations. Further, due to secure channel assumptions both schemes are not suited for mobile/wireless reader applications. We present the collaborative authentication scheme suitable for mobile/wireless reader RFID systems where the security of the server–reader channel cannot be guaranteed. Our schemes achieves authentication of the tag, reader and back-end server in the RFID system and protects the privacy of the communication without the need for tags to implement expensive hash functions. Our scheme is the first quadratic residues based scheme to achieve compliance to EPC Class-1 Gen-2 specifications. Through detailed security analysis we show that the collaborative authentication scheme achieves the required security properties of tag anonymity, reader anonymity, reader privacy, tag untraceability and forward secrecy. In addition, it is resistant to replay, impersonation and desynchronisation attacks. We also show through strand space analysis that the proposed approach achieves the required properties of agreement, originality and secrecy between the tag and the server.
Keywords: Authentication - Privacy - RFID systems - Security protocolsConclusions
In this paper we have a proposed a novel approach to authentication and privacy in RFID systems based on unique quadratic residues. The proposed approach addresses the 3 main drawbacks of current schemes – robust security, EPC Class-1 Gen-2 compliance and suitability for mobile/wireless environments. The proposed approach can successfully validate the tag, reader and back-end server in a RFID system as legitimate parties and is cheaper than other quadratic residues based methods. Our collaborative authentication scheme is suitable for mobile/wireless reader environments where secure channel assumptions are invalid. Importantly, our proposed scheme is suited to the computational constraints of EPC Class-1 Gen-2 passive RFID tags as it only uses the modular squaring, CRC and PRNG functions that passive RFID tags are capable of and does not require the implementation of hash functions on RFID tags. This differentiates the proposed approach from the schemes proposed by Chen et al. [10] and Yeh et al. [11].
Security analysis of our proposed scheme shows that it achieves the required properties of tag anonymity, tag location privacy and forward secrecy while being resistant to replay, desynchronisation and server impersonation attacks. In addition to these security properties, the collaborative authentication scheme also achieves reader anonymity and reader location privacy. Performance comparisons show that our scheme is practical and can be implemented on passive tags and achieves a worst case database loading of O(1). In the future we hope to complete a test bed implementation of the proposed scheme.