Skip to main content
SpringerLink
Log in

Challenge-Response Based RFID Authentication Protocol for Distributed Database Environment

  • Conference paper
Security in Pervasive Computing (SPC 2005)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3450))

Included in the following conference series:

Abstract

Recently, RFID system is a main technology to realize ubiquitous computing environments, but the feature of the RFID system may bring about various privacy problems. So, many kinds of protocols to resolve these problems have been researched. In this paper, we analyze the privacy problems of the previous protocols and propose more secure and effective authentication protocol to protect user’s privacy. Then we analyze the security and effectiveness of the proposed protocol comparing with the previous protocols. The proposed protocol is based on Challenge-Response using one-way hash function and random number. The proposed protocol is secure against the replay the attack, spoofing attack and so on. In addition, the proposed protocol is fitted for distributed database environment.

This work was supported by the University IT Research Center Project funded by the Korean Ministry of Information and Communication.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Associated Press, Benetton undecided on use of ‘smart tags’ , April 8 (2003)

    Google Scholar 

  2. Auto-ID Center, 860MHz-960MHz Class I Radio Frequency Identification Tag Radio Frequency and Logical Communication Interface Specification Recommended Standard, Version 1.0.0, Technical Report MIT-AUTOID-TR007 (2002)

    Google Scholar 

  3. Auto-ID Center, 860MHz-930MHz Class 0 Radio Frequency Identification Tag Protocol Specification Candidate Recommendation, Version 1.0.0, Technical Report MIT-AUTOID-TR016 (2003)

    Google Scholar 

  4. CNET, Wal-Mart cancels ‘smart shelf’ trial (July 2003), http://www.cnet.com

  5. EAN International and the Uniform Code Council, http://www.ean-int.org

  6. EPCglobal, EPC Tag Data Standards Version 1.1 Rev.1.24, http://www.epcglobalinc.org

  7. Federal Information Processing Standards (FIPS), Secure Hash Standard (SHA-1), Technical Report 180-1, National Institute of Standards and Technology(NIST), April 1995, supersedes FIPS PUB 180 (1993)

    Google Scholar 

  8. Finkenzeller, K.: RFID Handbook. John Wiley and Sons, Chichester (2003)

    Book  Google Scholar 

  9. Henrici, D., Müller, P.: Hash-based Enhancement of Location Privacy for Radio-Frequency Identification Devices using Varying Identifiers. In: Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops (PERCOMW 2004), pp. 149–153. IEEE, Los Alamitos (2004)

    Chapter  Google Scholar 

  10. Juels, A., Pappu, R.: Squealing euros: Privacy protection in RFID-enabled banknotes. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 103–121. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  11. Juels, A., Rivest, R.L., Szydlo, M.: The Blocker Tag: Selective Blocking of RFID Tags for consumer Privacy. In: Proceedings of 10th ACM Conference on Computer and Communications Security, CCS 2003, pp. 103–111 (2003)

    Google Scholar 

  12. Mao, W.: Modern Cryptography Theory and Practice. Prentice Hall PTR, Englewood Cliffs (2004)

    Google Scholar 

  13. mCloak: Personal/corporate management of wireless devices and technology (2003), http://www.mobilecloak.com

  14. Ohkubo, M., Suzuki, K., Kinoshita, S.: Hash-Chain Based Forward-Secure Privacy Protection Scheme for Low-Cost RFID. In: Proceedings of the SCIS 2004, pp. 719–724 (2004)

    Google Scholar 

  15. Rivest, R.L.: The MD5 Message Digest Algorithm. Technical Report RFC 1321, MIT Lab for Computer Science and RSA Laboratories (April 1992)

    Google Scholar 

  16. Sarma, S., Brock, D.L., Ashton, K.: The Networked Physical World Proposals for Engineering the Next Generation of Computing, Commerce and Automatic-Identification., Technical Report MIT-AUTOID-WH-001 (2001)

    Google Scholar 

  17. Sarma, S.: Towards the 5 cent Tag, Technical Report MIT-AUTOID-WH-006 (2001)

    Google Scholar 

  18. Sarma, S.E., Weis, S.A., Engels, D.W.: RFID systems, Security and Privacy Implications., White Paper MIT-AUTOID-WH-014, MIT AUTO-ID CENTER (2002)

    Google Scholar 

  19. Sarma, S.E., Weis, S.A., Engels, D.W.: RFID systems and security and privacy implications. In: Kaliski Jr., B.S., Koç, Ç.K., Paar, C. (eds.) CHES 2002. LNCS, vol. 2523, pp. 454–469. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  20. Sarma, S.E., Weis, S.A., Engels, D.W.: Radio-Frequency Identification: Secure Risks and Challenges. RSA Laboratories Cryptobytes 6(1), 2–9 (Spring 2003)

    Google Scholar 

  21. Weis, S.A.: Security and Privacy in Radio-Frequency Identification Devices. MS Thesis. MIT, Cambridge (2003)

    Google Scholar 

  22. Weis, S.A., Sarma, S.E., Rivest, R.L., Engels, D.W.: Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems. In: Hutter, D., Müller, G., Stephan, W., Ullmann, M. (eds.) Security in Pervasive Computing. LNCS, vol. 2802, pp. 201–212. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Information and Communication Security Lab, School of Information and Communication Engineering, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do, 440-746, Korea

    Keunwoo Rhee, Jin Kwak & Dongho Won

  2. Information Security and Cryptology Lab, School of Information and Communication Engineering, Sungkyunkwan University, 300 Cheoncheon-dong, Jangan-gu, Suwon-si, Gyeonggi-do, 440-746, Korea

    Seungjoo Kim

Authors
  1. Keunwoo Rhee
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Jin Kwak
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Seungjoo Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Dongho Won
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. DFKI, Stuhlsatzenhausweg 3, D-66123, Saarbrücken, Germany

    Dieter Hutter

  2. Federal Office for Information Security (BSI), Godesberger Allee 185-189, 53175, Bonn, Germany

    Markus Ullmann

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Rhee, K., Kwak, J., Kim, S., Won, D. (2005). Challenge-Response Based RFID Authentication Protocol for Distributed Database Environment. In: Hutter, D., Ullmann, M. (eds) Security in Pervasive Computing. SPC 2005. Lecture Notes in Computer Science, vol 3450. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-32004-3_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-32004-3_9

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25521-5

  • Online ISBN: 978-3-540-32004-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation