跳到主要內容

臺灣博碩士論文加值系統

(3.231.230.177) 您好!臺灣時間:2021/07/28 15:33
字體大小: 字級放大   字級縮小   預設字形  
回查詢結果 :::

詳目顯示

我願授權國圖
: 
twitterline
研究生:劉昭慶
研究生(外文):Zhao-Qing Liu
論文名稱:適用於低成本RFID系統的安全與隱私保護方法之研究
論文名稱(外文):A Study on Security and Privacy Protection for Low-Cost RFID System
指導教授:陳昱仁陳昱仁引用關係
指導教授(外文):Yu-Jen Chen
學位類別:碩士
校院名稱:長庚大學
系所名稱:資訊管理研究所
學門:電算機學門
學類:電算機一般學類
論文種類:學術論文
論文出版年:2007
畢業學年度:95
語文別:中文
論文頁數:93
中文關鍵詞:無線射頻識別安全隱私行蹤隱私雙向鑑別
外文關鍵詞:Radio Frequency Identification (RFID)SecurityPrivacyLocation PrivacyMutual Authentication
相關次數:
  • 被引用被引用:3
  • 點閱點閱:179
  • 評分評分:
  • 下載下載:0
  • 收藏至我的研究室書目清單書目收藏:0
無線射頻識別(Radio Frequency Identification, RFID)系統主要是用來自動化識別出人和物體的一項技術,而近年來RFID除了逐漸取代現行的條碼(Bar Code)功能外,RFID已經往多樣化發展,如供應鏈管理、物流業管理和醫療產業等。尤其是Wal-Mart要求它的前100大供應商,在2005年前必須採用RFID技術,而Wal-Mart預期導入RFID後,每年可降低成本高達84億美元。另外,美國軍方也宣布於2005年前其供應商在後勤補給上要採用RFID技術,使得RFID技術更加快速發展。

未來可能每個物體上都將嵌有用來識別的RFID標籤(Tag),此類最廣泛使用的RFID Tag,其成本應該降到最低。然而Tag硬體成本被降低的同時,其Tag上能運用的資源也相對地被降低,使得資源不足時,現行的密碼學方法便不適用於低成本RFID系統上,故安全與隱私便會有很大的疑慮。對此,有研究利用Tag上執行單向赫序函數的方式來保護安全與隱私,但仍可能導致成本過高。

本研究之目標即設計出一套方法,以EPCglobal Class 1 Gen 2標準為基礎,期望在付出較低成本的前提下,能有效率地取得或傳送Tag上的資訊,且提供可被接受的安全等級與個人隱私保護。在本研究中,Tag上僅需額外增加加法運算功能,即能有效地達到資料真確性保護、資料機密性保護、個人隱私保護、行蹤隱私保護與雙向鑑別等特性,除能防止竊聽與偽造外,也將可能發生的攻擊方式降到可被接受的程度。相信以此機制為基礎,當RFID Tag遍布全球時,使用者的資料安全與個人隱私將得以有效保護。
Radio Frequency Identification (RFID) system is a technology used mainly for automatic identification of human and objects. RFID has not only begun to replace the Bar Code system in recent years, but has also developed toward diversity, such as supply chain management (SCM), logistics management, the medical industry and more. Wal-Mart is a prime example of the system’s application Wal-Mart required its top 100 suppliers to integrate RFID technology by 2005 to enable cost reductions by as much as USD8.4 billion per year. In addition, U.S. Department of Defense (DoD) announced that its suppliers must incorporate RFID technology for their support and services before 2005. Because of this, RFID technology developed even more rapidly.

In the future, it’s possible that every object will have RFID tag labeled on it for easy identification. In order to widely apply RFID tags, the cost of tags must be as low as possible. While the cost of RFID hardware is decreasing, the resource that tag can use is also diminished. When the resource scarcity occurs, the current available cryptography algorithms will not be suitable for the low-cost RFID systems. As a result, security and privacy will become a major problem. There are some approaches using one-way hash function in the tags to protect security and privacy, but it could result in greater costs.

The objective of this research is to design a mechanism for the above-mentioned issues. By using the EPCglobal Class 1 Gen 2 standard as a foundation and the premise of low cost, the proposed mechanism can read the information of the tag efficiently, and provide an acceptable level of security and privacy protection. In this research, the RFID tag only needs to add the mathematical addition function to efficiently reach data integrity protection, data confidentiality protection, personal privacy protection, location privacy protection and mutual authentication. Besides preventing eavesdropping and forgery of tags, the RFID tag with mathematical addition function could reduce the possible attacks to an acceptable level. It is believed that by using this mechanism as basis, data security and personal privacy could be effectively protected by the time RFID tags are applied globally.
誌 謝 I
摘 要 II
Abstract III
目 次 V
圖 目 次 VIII
表 目 次 X
第一章 前  言 1
1.1 研究背景 1
1.2 研究動機 2
1.3 研究目的 3
1.4 研究流程 4
第二章 文獻探討 6
2.1 RFID系統簡介 6
2.1.1 RFID系統元件介紹 6
2.1.2 RFID與條碼特性之比較 8
2.1.3 RFID標準簡介 9
2.1.4 RFID之應用與發展趨勢 12
2.1.5 RFID面臨的挑戰及限制 13
2.1.6 現行的RFID防護機制 15
2.2 已提出的研究回顧 18
2.2.1 Randomized Hash Lock 19
2.2.2 Hash-based ID Variation 23
2.2.3 Lightweight Mutual Authentication Protocol 26
2.2.4 具安全與隱私保護之低成本無線射頻識別系統之設計 30
2.3 文獻的比較 35
第三章 研究方法 37
3.1 問題定義與分析 37
3.1.1 低成本RFID的限制 37
3.1.2 現有技術之不足 39
3.2 研究方法設計 40
3.2.1 研究假設 40
3.2.2 方法架構與設計 42
3.2.3 環境建置 45
3.2.4 初始設定 49
3.2.5 操作流程 51
第四章 討論與分析 63
4.1 方法的設計原因與優點 63
4.2 安全與隱私分析 68
4.3 效率分析 74
4.4 與其它方法的比較 75
4.5 仍無法避免的問題 81
第五章 方法實作與展示 83
5.1 開發工具與實驗環境 83
5.2 模擬實驗展示 83
第六章 結論與未來研究方向 88
6.1 結論 88
6.2 未來研究方向 89
參考文獻 90
[1] ABI Research - Technology Market Research, http://www.abiresearch.com/.
[2] Alien, “EPCglobal Class 1 Gen 2 RFID Specification,” Alien Technology Corporation White Paper, 2005.
[3] J. Ayoade, “Security Implications in RFID and Authentication Processing Framework,” Computers & Security, In Press, Corrected Proof, Available online 19 January 2006.
[4] H. Y. Chien and C. H. Chen, “Mutual Authentication Protocol for RFID Conforming to EPC Class 1 Generation 2 Standards,” Computer Standards & Interfaces, Volume 29, pp.254-259, February 2007.
[5] E. Y. Choi, S. M. Lee and D. H. Lee, “Efficient RFID Authentication Protocol for Ubiquitous Computing Environment,” International Workshop on Security in Ubiquitous Computing Systems, December 2005.
[6] T. Dimitriou, “A Lightweight RFID Protocol to Protect Against Traceability and Cloning Attacks,” Conference on Security and Privacy for Emerging Areas in Communication Networks, September 2005.
[7] D. N. Duc, J. Park, H. Lee and K. Kim, “Enhancing Security of EPCglobal Gen-2 RFID Tag Against Traceability and Cloning,” Symposium on Cryptography and Information Security, January 2006.
[8] EPCglobal Homepage, http://www.epcglobalinc.org/.
[9] K. Finkenzeller, “RFID Handbook: Fundamentals and Applications in Contactless Smart cards and Identification,” Second Edition, John Wiley & Sons, 2003.
[10] K. P. Fishkin, M.Wang and G. Borriello, “A Ubiquitous System for Medication Monitoring,” Intel Res., Seattle, Tech. Memo IRS-TR-03-011, October 2004.
[11] D. Henrici and P. Muller, “Hash-based Enhancement of Location Privacy for Radio-Frequency Identification Devices Using Varying Identifiers,” The Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, pp.149-153, 2004.
[12] N. J. Hopper and M. Blum, “Secure Human Identification Protocols,” Advances in Cryptology (Asiacrypt '01), Volume 2248 of Lecture Notes in Computer Science, Springer-Verlag, pp. 52-66, 2001.
[13] A. Juels and S. A. Weis, “Authenticating Pervasive Devices with Human Protocols,” Advances in Cryptology - Crypto 05, Lecture Notes in Computer Science. Springer-Verlag, http://www.rsasecurity.com/rsalabs/, 2005.
[14] A. Juels, “RFID Security and Privacy: A Research Survey,” IEEE Journal on Selected Areas in Communications, Volume 24, No.2, February 2006.
[15] T. Lohmann, M. Schneider and C. Ruland, “Analysis of Power Constraints for Cryptographic Algorithms in Mid-cost RFID Tags,” International Conference on Smart Card Research and Advanced Applications - Cardis, April 2006.
[16] M. C. O'Connor, “Suppliers Meet Mandate Frugally,” http://www.rfidjournal.com./article/articleprint/1308/, January 2005.
[17] P. Peris-Lopez, J. C. Hernandez-Castro, J. M. Estevez-Tapiador and A. Ribagorda, “LMAP: A Real Lightweight Mutual Authentication Protocol for Low-cost RFID tags,” Workshop on RFID Security, July 2006.
[18] D. C. Ranasinghe, D. W. Engels and P. H. Cole, “Low-Cost RFID System: Confronting Security and Privacy,” Auto-ID Laboratory Workshop, 2004.
[19] RFID Journal, http://www.rfidjournal.com/.
[20] RSA Lab, “RFID, a Vision of the Future,” http://www.rsasecurity.com/rsalabs/node.asp?id=2117.
[21] S. E. Sarma, S. A. Weis and D. W. Engels, “RFID Systems and Security and Privacy Implications,” Auto-ID Center White Paper, February 2003.
[22] ThingMagic, “Generation 2: A User Guide,” ThingMagic Corporation White Paper, 2005.
[23] S. A. Weis, “Security and Privacy in Radio-Frequency Identification Devices,” Masters Thesis, MIT, May 2003.
[24] S. A. Weis, S. E. Sarma, R. L. Rivest and D. W. Engels, “Security and Privacy Aspects of Low-Cost Radio Frequency Identification System,” The First International Conference on Security in Pervasive Computing (SPC), pp.201-212, 2003.
[25] 李宗江,「RFID手冊-無線智慧卡與識別卡之基礎與應用」,全華科技,民國96年。
[26] 林縣城,資策會資工所,「台灣RFID產業發展與實務應用發展現況」,RFID International Conference-The Application and Future Development,民國94年。
[27] 陳仕傑,「具安全與隱私保護之低成本無線射頻識別系統之設計」,長庚大學資訊管理研究所碩士論文,民國95年。
[28] 陳宏宇,「RFID系統入門-無線射頻辨識系統」,松崗圖書,民國94年。
[29] 黃景彰,「資訊安全-電子商務之基礎」,華泰文化,民國90年6月。
[30] 溫榮弘,「圖解RFID」,全華科技圖書,民國95年。
[31] 鄭同伯,「RFID EPC-無線射頻辨識完全剖析」,博碩文化,民國93年。
[32] 簡宏宇與黃貞維,「分析LMAP、M2AP及Li-Wang改良機制之安全弱點」,第十七屆全國資訊安全會議 (ISC 2007),民國96年6月。
QRCODE
 
 
 
 
 
                                                                                                                                                                                                                                                                                                                                                                                                               
第一頁 上一頁 下一頁 最後一頁 top