臺灣博碩士論文加值系統

RFID 技術運用於需要物件追踪、身份確認及相關認證的應用正逐漸增加。這些應用於貼有RFID的物件上，作為物件確認及支援可利用RFID來運作的特殊用途上。近來相關研究也著重於群組證明密碼協定、可攜行設備認證協定，及電子標籤和讀取器的相互認證密碼協定上。群組證明密碼協定可應用於需要證明兩件以上的貼有電子標籤的物品同時出現於某一地點。這種協定可應用於確保正確的藥品使用在正確的病人身上(藥品包裝和病人都貼有電子標籤)，以確定他們二者是匹配在一起使用的。可攜行設備認證協定可應用於巡查站的任務執行時的查核巡查人員所攜行動裝置是否於正確的時間區間到達巡查點執行任務。而電子標籤和讀取器的相互認證密碼協定，可確保電子標籤不會被未授權的讀取器讀取出資料。ECC (Elliptic Curve Cryptography) 密碼技術由於所需金鑰長度短，適用於資源受限的通訊設備，因此也適用於RFID的應用上。本研究目的在基於楕圓曲線密碼之技術來探討RFID應用上的安全可用的群組證明密碼協定、可攜行設備認證密碼協定，及電子標籤和讀取器的相互認證之密碼協定及改進，其中針對最近三種基於楕圓曲線密碼之技術之RFID協定進行分析出其安全上的缺點，並提出更為安全的改進的協定。

RFID technology is increasingly used in applications that require tracking identification, authentication for an object. It attaches RFID-readable tags to objects for identification and supporting of specific RFID-enabled applications. Recently, the research focuses on grouping-proof protocol, mobile authentication protocol and mutual authentication protocol. The grouping-proofs protocol in RFID applications provide a proof of two or more tags must be simultaneously scanned. That can be applied to make sure that the right medicine taken by the right patient where the medicine and patient have attached tags to proof they are simultaneously scanned. The mobile authentication can be applied for patrolling mission to audit the mobile visit the patrolling-spot in the right time interval. The tag and reader mutual authentication protocol keeps tags from been reading by any invalid reader. Because that ECC (Elliptic Curve Cryptography) needs shorter key length than other cryptosystem, it is suit for the constrained mobile communication device. In this dissertation, some ECC-based protocols, such as practical grouping-proofs protocol, mobile authentication protocol and tag/reader mutual authentication protocol are reviewed and analyzed. We found some defects of these protocols. Moreover, we proposed more secure protocols to improve those protocols based on their defects in this article

Contents
指導教授推薦書
口試委員會審定書
誌 謝 iii
摘 要 iv
Abstract v
Contents vi
Figure of Contents viii
Chapter 1 Introduction 1
Chapter 2 Preliminaries and Notations 8
2.1 Background of ECC 8
2.2 Cyclic Group on ECC 8
2.3 The Security of ECC 9
2.3.1 Elliptic Curve Discrete Logarithm Problem (ECDLP) 9
2.3.2 Elliptic Curve Computational Diffie-Hellman Problem (ECCDHP) 10
2.3.3 Elliptic Curve Factorization Problem (ECFP) 10
2.4 Notations 10
Chapter 3 ECC-Based Grouping-Proof RFID Protocol 13
3.1 Resistance to Tracking and Impersonation Attacks 13
3.2 Lin et al.’s RFID Grouping Proof Protocol 14
3.3 Analysis on Lin et al.’s Protocol 16
3.4 Proposed Grouping-Proof RFID Protocol 33
3.5 Security Analysis 36
Chapter 4 ECC-based RFID Mobile Protocol 45
4.1 Zhou et al.’s RFID Mobile Protocol 46
4.2 Analysis on Zhou et al.’s Protocol 50
4.3 Proposed Patrolling RFID Mobile Protocol 53
4.4 Security Analysis 57
Chapter 5 ECC-based Mutual Authentication Protocol 60
5.1 Chou et al.’s ECC-based Mutual Authentication Protocol [20] 60
5.2 Replay Attack on Chou et al.’s Protocol 62
5.3 Proposed Mutual Authentication Protocol 64
5.4 Replay Attack Resistance in Fig 5.4 66
Chapter 6 Conclusions 69
Reference 71

Figure of Contents
Figure 3.1 Lin et al.’s Protocol [14] 16
Figure 3.2 Active Tracking Tag A 20
Figure 3.3 Active Tracking Tag B 21
Figure 3.4 Passive Tracking Tag A 27
Figure 3.5 Passive Tracking Tag B 28
Figure 3.6 Impersonate Tag B through One-time Eavesdropping 28
Figure 3.7 Impersonate Tag B with Twice Eavesdropping 31
Figure 3.8 m-Party Grouping Proof Protocol of Lin et al. 33
Figure 3.9 Proposed Grouping-Proof RFID Protocol 36
Figure 3.10 Our m-Party Grouping Proof Protocol 44
Figure 4.1 Zhou et al.’s Protocol [18]. 49
Figure 4.2 One Time Reading , Unlimited Times Service (OTRUTS) Problem. 52
Figure 4.3 Proposed Patrolling RFID Mobile Protocol 54
Figure 4.4 Without OTRUTS Problem. 59
Figure 5.1 Chou et al.’s Protocol [21]. 61
Figure 5.2 Replay Attack on Chou et al.’s Protocol. 64
Figure 5.3 Proposed Mutual Authentication Protocol 66
Figure 5.4 Our Protocol Shown as Fig 5.3 Has Replay Attack Resistance 67

[1] A. Juels, “Yoking-Proofs for RFID tags,” Proceedings of the Second IEEE Annual Conference on Pervasive Computing and Communications Workshops, PERCOMW ’04, Washington, DC, USA, pp.138–143, IEEE Computer Society, 2004.
[2] W. Diffie and M. Hellman, “New directions in cryptography,” Information Theory, IEEE Transactions on, vol.22, no.6, pp.644 – 654, 1976.
[3] S. Vaudenay, “On privacy models for RFID,” in Advances in Cryptology ASIACRYPT 2007, ed. K. Kurosawa, Lecture Notes in Computer Science, vol.4833, pp.68–87, Springer Berlin Heidelberg, 2007.
[4] N. Koblitz, “Elliptic curve cryptosystems,” Mathematics of Computation, vol.48, no.177, pp. 203–209, 1987.
[5] V. Miller, “Use of elliptic curves in cryptography,” Advances in Cryptology CRYPTO 85 Proceedings, ed. H. Williams, Lecture Notes in Computer Science, vol.218, pp.417–426, Springer Berlin Heidelberg, 1986.
[6] S. Galbraith, Mathematics of Public Key Cryptography, Cambridge Uuniversity Press, 2012.
[7] J. Wolkerstorfer, “Is elliptic-curve cryptography suitable to secure RFID tags?,” In Handout of the Encrypt Workshop on RFID and Lightweight Crypto, 2005.
[8] D. Hein, J. Wolkerstorfer, and N. Felber, “ECC is ready for RFID- a proof in silicon,” in Selected Areas in Cryptography, ed. R. Avanzi, L. Keliher, and F. Sica, Lecture Notes in Computer Science, vol.5381, pp.401–413, Springer Berlin Heidelberg, 2009.
[9] L. Batina, Y. Lee, S. Seys, D. Singele, and I. Verbauwhede, “Privacy-preserving ECC-based grouping proofs for RFID,” in Information Security, ed. M. Burmester, G. Tsudik, S. Magliveras, and I. Ili, Lecture Notes in Computer Science, vol.6531, pp.159–165, Springer Berlin Heidelberg, 2011.
[10] C. Lv, H. Li, J. Ma, B. Niu, and H. Jiang, “Security analysis of a privacy-preserving ECC-based grouping-proof protocol,” Journal of Convergence Information Technology, vol.6, no.3, pp.113–119, 2011.
[11] T. Deursen, S. Mauw, and S. Radomirovi, “Untraceability of RFID protocols,” in Information Security Theory and Practices. Smart Devices, Convergence and Next Generation Networks, ed. J. Onieva, D. Sauveron, S. Chaumette, D. Gollmann, and K. Markantonakis, Lecture Notes in Computer Science, vol.5019, pp.1–15, Springer Berlin Heidelberg, 2008.
[12] T. Deursen, “50 ways to break RFID privacy,” in Privacy and Identity Management for Life, ed. S. Fischer-Hbner, P. Duquenoy, M. Hansen, R. Leenes, and G. Zhang, IFIP Advances in Information and Communication Technology, vol.352, pp.192–205, Springer Berlin Heidelberg, 2011.
[13] W.T. Ko, S.Y. Chiou, E.H. Lu, and H.K.C. Chang, “An improvement of privacy-preserving ECC-based grouping proof for RFID,” Cross Strait Quad-Regional Radio Science and Wireless Technology Conference (CSQRWC), pp.1062–1064, IEEE, 2011.
[14] Q. Lin and F. Zhang, “ECC-based grouping-proof RFID for inpatient medication safety,” Journal of Medical Systems, vol.36, no.6, pp.3527–3531, 2012.
[15] Y. Fu and Q. Fu, “Scheme and secure protocol of mobile payment based on RFID,” Anti-counterfeiting, Security, and Identification in Communication, 2009. ASID 2009. 3rd International Conference on, pp.631–634, IEEE, 2009.
[16] T. Tran, F. Yousaf, and C. Wietfeld, “RFID based secure mobile communication framework for emergency response management,” Wireless Communications and Networking Conference (WCNC), 2010 IEEE, pp.1–6, April 2010.
[17] C.L. Chen, J.K. Jan, and C.F. Chien, “Based on mobile RFID device to design a secure mutual authentication scheme for market application,” Broadband, Wireless Computing, Communication and Applications (BWCCA), 2010 International Conference on, pp.423–428, Nov 2010.
[18] J. ZHOU, Y. ZHOU, F. XIAO, and X. NIU, “Mutual authentication protocol for mobile RFID systems,” Journal of Computational Information System, pp.3261–3268, Binary Information Press, USA, Nov 2012.
[19] S. Garfinkel, A. Juels, and R. Pappu, “RFID privacy: an overview of problems and proposed solutions,” Security Privacy, IEEE, vol.3, no.3, pp.34–43, May 2005.
[20] R. Weinstein, “RFID: a technical overview and its application to the enterprise”, IT Professional, vol.7, no.3, pp. 27-33, 2005.
[21] J.S. Chou, Y. Chen, C.L. Wu, and C.F. Lin, “An efficient RFID mutual authentication scheme based on ECC,” IACR Cryptology ePrint Archive, vol.2011, no.418, 2011.