現今無線射頻辨識(RFID)的技術廣泛的使用在物流管理,門禁系統及零售業等各個領域上,利用RFID在自動化管理上有重大的影響。EPCglobal此組織制訂了許多RFID通訊協定上的標準,EPC Class 1 Generation 2為其中之一,現在許多新的供應商都決定支持Gen2,因此協定的安全性更顯重要。本研究指出現有協定的安全漏洞或缺點,包括現有協定無法抵抗重送攻擊、竄改攻擊、造成阻絕服務、標籤資料洩漏和不具前推私密性之疑慮等各項安全問題,及搜尋標籤資料時,使用地毯式搜尋,造成成本過大的缺點。因此本研究設計一個新的符合EPC第一類第二代安全協定,改進其他協定之安全問題,並減少尋找標籤之成本,希望本研究所提出的新協定能夠對EPC第二代第一類協定之安全有所助益。
Today, RFID technology has widely been used in logistics management, access control systems, retail trade, and other fields. RFID’s characteristics have significant impacts on automated management. EPC global has established many standards of RFID. The EPC Class 1 Generation 2 is one of them. Many suppliers have decided to support Gen2. Therefore, the security of the protocol becomes more and more important. This study points out the security problems of existing protocols, such as replay attacks, tampering attacks, and denial of service attacks. The existing protocls may have data leakage, forward secrecy, or privacy problems. Some of the protocols use exhaustive search which takes too much cost. To solve the problems, this study design a new protocol which improves existing protocols security problems and reduce the cost of searching tags. We hope that our new protocol is useful for the EPC Class 1 Generation 2 RFID.
