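Abstract: | Recently, with the widespread application of Radio Frequency Identification (RFID) technology, the related security threats have gradually drawn attention. The security problems of RFID systems can mainly be examined along the following dimensions: (1) data transmission security, meaning how to use the computational units that a low-resource RF tag can provide to protect data during transmission; (2) privacy leakage at the sending and receiving ends, which covers anonymity and forward security; (3) malicious attacks that may occur in RFID systems, such as eavesdropping on messages, intercepting and tampering with packets, impersonating a tag to exercise access rights, and even replay attacks and out-of-synchronization attacks on secret information; (4) other specialized security threats that arise specifically in the RFID environment, such as the constellation attack and breadcrumb tracking, both of which piece together useful information from many small fragments of tag information in order to locate the tag owner or the object in which the tag is embedded. From this analysis, a highly secure authentication method and an anonymous transmission mechanism suited to RFID systems will become basic building blocks for constructing future killer applications. This is a two-year project. In the first year, for the wireless transmission band at the front end of the RFID system (between tag and reader), we will construct an authentication mechanism suitable for low-cost RFID tags, which will use a PIN, a low-cost one-way hash function, a random number generator and simple logic gate operations (or, and, xor) to protect security and privacy during data transmission. In addition, for the wireless transmission environment at the back end of the system (between reader and server), this research will construct a customized anonymous key agreement mechanism suited to RFID systems. The main approach will be based on elliptic curve cryptosystems, and we expect to develop an efficient and secure key agreement mechanism whose main features include resistance to online or offline password guessing attacks, keys generated jointly by agreement among multiple parties, mutual authentication, sufficient key security strength and forward security. All theoretical results will be submitted to well-known international conferences and well-known international SCI journals, striving for the best academic contribution. Furthermore, for completeness and contribution in both theory and practice, after constructing the above two mechanisms, the project will proceed in the second year to efficiency analysis by theory and simulation, followed by the development of a practical system based on the above theoretical research; that is, according to the constraints of current RFID development environments, we will plan and build an RFID authentication prototype system that can actually operate, and analyze its efficiency. This project hopes to make a substantial contribution to both the theory and the practice of current RFID authentication system development, and all system development results will be submitted to well-known international conferences and well-known international SCI journals.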
The design of secure authentication protocols for Radio Frequency IDentification (RFID) systems has been extensively studied in recent years, driven by awareness of individual privacy and the requirement for robust system security. In this project, we assume the future communication environment for RFID systems will be entirely wireless and insecure. Under such an infrastructure, RFID readers can be mobile, and new RFID applications such as a stock inventory system equipped with handheld RFID readers will be deployed securely. At the same time, without novel authentication protocols it is more difficult to secure a mobile RFID system than before, because the following security issues must be considered. (1) Data security in the RFID authentication process means the ability to preserve the secrecy of transmitted messages in the insecure RFID communication environment. (2) From the point of view of user (or object owner) privacy, the anonymity property guarantees that an attacker cannot distinguish and further trace a specific tag or reader merely by analyzing the transmitted messages or the behaviors performed. (3) The benefit of forward security is that it protects the historical trajectory of a compromised tag (or reader) from being discovered. (4) The ability to synchronize shared secret information among the authenticating parties can prevent DoS attacks and correct authentication failures caused by abnormal session conditions. (5) Resistance to replay attacks is another important measure of the security robustness of an authentication scheme, because a replay attack can be launched easily just by repeatedly broadcasting previously eavesdropped messages. (6) Resistance to other newly derived attacks such as the constellation attack or the breadcrumb attack. In this two-year project, we start by developing a new mutual RFID authentication scheme for resource-constrained RFID tags. 
The proposed authentication scheme is based on a simple access PIN, a low-cost one-way hash function, a random number generator and simple operations such as or, and, xor. Next, we will develop a novel key agreement protocol that is based on an elliptic curve cryptosystem and provides the following properties: resistance to on-line/off-line password-guessing attacks, a key agreement-based mechanism, mutual authentication, resistance to known-key attacks, and forward security. All the theoretical results developed will be submitted to international conferences or SCI journals in pursuit of the greatest contribution to academia. In order to make sufficient theoretical and practical contributions, in the second year we will first concentrate on theoretical analysis and simulation development of our proposed protocols. Following this, a prototype system based on the first-year results and operating in a real network environment will be proposed, and its efficiency and practicability will be examined to ensure the contribution on the implementation side. Similarly, all the proposed systems and their side results will be submitted to international conferences or SCI journals. |