Abstract
In recent years, as RFID reader equipment is ever more widely deployed in handled devices, the importance of security problems among RFID reader, tags and server have obviously gained increased attention. However, there are still many security issues preceding transactions; these issues are well worth discussing. In this paper, we propose a novel authentication scheme, conforming EPC C1G2 standards, at a low implementation cost for market application. In order to achieve mutual authentication, the proposed scheme integrates fingerprint biometrics, related cryptology and a hash function mechanism to ensure the security of the transmitted messages. The proposed scheme also can resist known attacks.
Highlights
In recent years, the RFID (Radio Frequency Identification) system has been widely used in many fields
As RFID reader equipment has been widely deployed in hand-held devices, the importance of successfully dealing with security problems related to RFID readers, tags and servers is inescapable
Tags only use comparison operations, exclusive-or operations, addition operations, Cyclic Redundancy Check (CRC) operations, and subtraction operations. These operations conform to the EPCglobal C1G2 standards and are low-cost, so they decrease the computational load of tags
Summary
The RFID (Radio Frequency Identification) system has been widely used in many fields. When a reader sends a request message to a tag, the tag responds with a message via radio frequency signal. In such an environment, there exists the potential for many latent attacks. As a result of the RFID system transmitting messages via radio-frequency, many security and privacy problems arise between the RFID tag and RFID reader. (1) Tag impersonation attack: An attacker impersonates a target tag to interact with a reader and he/she can pass the reader’s authentication procedure successfully. (3) Replay attack: An attacker intercepts the messages between a reader and a tag, and uses these messages to interact with each other in the session, thereby allowing him/her to successfully pass the authentication procedure.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.