WO2011078603A2 - Method for mutual authentication between tag and reader in radio frequency identification system - Google Patents

Publication number
WO2011078603A2
Authority
WO
WIPO (PCT)
Prior art keywords
tag
reader
encryption key
generating
resp
Application number
PCT/KR2010/009276
Other languages
French (fr)
Other versions
WO2011078603A3 (en)
Inventor
Yang-Don Won
Boo-Joong Kang
Eul-Gyu Im
Sung-Ho Cho
Original Assignee
Samsung Techwin Co., Ltd.
Industry-University Cooperation Foundation Hanyang University
Priority claimed from KR1020100127864A (KR20110074441A)
Application filed by Samsung Techwin Co., Ltd. and Industry-University Cooperation Foundation Hanyang University
Publication of WO2011078603A2
Publication of WO2011078603A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • H04L9/3273 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response for mutual authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06K GRAPHICAL DATA READING; PRESENTATION OF DATA; RECORD CARRIERS; HANDLING RECORD CARRIERS
    • G06K7/00 Methods or arrangements for sensing record carriers, e.g. for reading patterns
    • G06K7/10 Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation
    • G06K7/10009 Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves
    • G06K7/10019 Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves resolving collision on the communication channels between simultaneously or concurrently interrogated record carriers.
    • G06K7/10029 Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves resolving collision on the communication channels between simultaneously or concurrently interrogated record carriers. the collision being resolved in the time domain, e.g. using binary tree search or RFID responses allocated to a random time slot
    • G06K7/10039 Methods or arrangements for sensing record carriers, e.g. for reading patterns by electromagnetic radiation, e.g. optical sensing; by corpuscular radiation sensing by radiation using wavelengths larger than 0.1 mm, e.g. radio-waves or microwaves resolving collision on the communication channels between simultaneously or concurrently interrogated record carriers. the collision being resolved in the time domain, e.g. using binary tree search or RFID responses allocated to a random time slot interrogator driven, i.e. synchronous
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80 Wireless
    • H04L2209/805 Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Definitions

  • the present invention relates to a method for mutual authentication between a tag and a reader, and more particularly, to a method for mutual authentication between a tag and a reader which is performed in a radio frequency identification (RFID) system including the tag and the reader.
  • RFID radio frequency identification
  • While a tag and a reader provide authentication using encryption for memory access or in response to special commands according to the EPCglobal (Electronic Product Code) Standard, general communication does not include authentication. In particular, no specific authentication is required to exchange an EPC, which is the information developed to identify a tag.
  • EPC Electronic Product Code
  • an illegal reader may obtain information for identifying a tag and an illegal tag may be identified by the illegal reader, thereby leading to a potential risk factor for a fatal consequence to a radio frequency identification (RFID) system.
  • lots of technologies for mutual authentication between a tag and a reader have been suggested, but since these technologies use heavy encryption algorithms such as symmetric encryption and hash function, it is difficult to apply these technologies to an inexpensive RFID tag.
  • an illegal tag or an illegal reader may operate in an RFID system without restriction.
  • data of the RFID system may be contaminated due to wrong tag identification information to be transmitted, and since a tag has no way to determine whether a reader is legal or not, an illegal reader may easily obtain identification information from legal tags, thereby leading to a risk such as personal information leakage or RFID tag duplication.
  • the present invention provides a method for mutual authentication between a tag and a reader which may prevent an illegal tag or reader from accessing a radio frequency identification (RFID) system and may use a relatively simple algorithm.
  • a method for mutual authentication between a tag and a reader which is performed in an RFID system including the tag and the reader, the method including: (a) storing tag information comprising a unique identification EPC_ T , a first encryption key, and a second encryption key, wherein the storing is performed by the tag and the reader; (b) generating a reader random number N_ R and transmitting the reader random number N_ R to the tag, wherein the generating and the transmitting are performed by the reader; (c) generating a tag response RESP_ T by using a CRC calculation function and transmitting the tag response RESP_ T to the reader, wherein the generating and the transmitting are performed by the tag receiving the reader random number N_ R ; (d) verifying the tag response RESP_ T by using the CRC calculation function, generating a reader response RESP_ R to a result of the verification, and transmitting the reader response RESP_ R to the tag, wherein the verifying, the generating, and the
  • the tag information may further include a temporary identification EID_ T .
  • the method may further include (g) generating a new temporary identification EID_ T by using the unique identification EPC_ T and the updated first and second encryption keys K1 and K2, wherein the generating is performed by the reader.
  • Operation (c) may include: (c-1) generating an encrypted temporary identification EID_ T by using the unique identification EPC_ T , and the first encryption key K1 and the second encryption key K2, wherein the generating is performed by the tag; (c-2) generating a tag response through CRC calculation by performing exclusive OR (XOR) on the reader random number N_ R and upper bits of the first encryption key K1, performing XOR on a tag random number N_ T and lower bits of the first encryption key K1, wherein the generating is performed by the tag; and (c-3) transmitting the generated temporary identification EID_ T , the tag random number N_ T , and the tag response RESP_ T to the reader, wherein the transmitting is performed by the tag.
  • XOR exclusive OR
  • Operation (d) may include: (d-1) calling up the tag information comprising the unique identification EPC, the first encryption key K1, and the second encryption key K2 corresponding to the received temporary identification EID_ T , wherein the calling is performed by the reader; (d-2) determining whether a CRC resultant value obtained by performing XOR on the reader random number N_ R and upper bits of the first encryption key K1 and performing XOR on the tag random number N_ T and lower bits of the first encryption key K1 is identical to the tag response RESP_ T , wherein the determining is performed by the reader; (d-3) if it is determined that the CRC resultant value is identical to the tag response RESP_ T, authenticating that the tag is a legal tag, wherein the authenticating is performed by the reader; and (d-4) generating a reader response RESP_ R through CRC calculation by performing XOR on the reader random number N_ R and lower bits of the first encryption key K1 and performing XOR on the tag random number N_ T and upper bits of the
  • Operation (c) may include: (c-1) generating a CRC calculator by performing XOR on a random number N_ T and a first encryption key K, wherein the generating is performed by the tag; (c-2) generating target information by connecting the unique identification EPC_ T , the reader random number N_ R , and the tag random number N_ T , wherein the generating is performed by the tag; (c-3) generating a CRC resultant value by performing CRC calculation on the target information as the CRC calculator, wherein the generating is performed by the tag; (c-4) generating a tag response RESP_ T by performing XOR on the CRC resultant value and the first encryption key K, wherein the generating is performed by the tag; and (c-5) transmitting the unique identification EPC_ T , the tag random number N_ T , and the tag response RESP_ T to the reader, wherein the transmitting is performed by the tag.
  • Operation (d) may include: (d-1) calling up a pre-change first encryption key Kold, a post-change first encryption key Knew, a pre-change second encryption key Pold, and a post-change second encryption key Pnew corresponding to the received unique identification EPC_ T , wherein the calling is performed by the reader; (d-2) generating a first verification value RESP_ V1 by using the pre-change first encryption key Kold, wherein the generating is performed by the reader; (d-3) if the tag response RESP_ T received from the tag is identical to the first verification value RESP_ V1 , generating a first authentication response RESP_ R1 and transmitting the first authentication response RESP_ R1 to the tag, wherein the generating and the transmitting are performed by the reader; (d-4) if the tag response RESP_ T received from the tag is not identical to the first verification value RESP_ V1 , generating a second verification value RESP_ V2 by using the post-change first encryption key Knew, wherein the
  • Operation (d-3) may include: (91) generating a CRC calculator by performing XOR on the pre-change second encryption key Pold and the received tag random number N_ T , wherein the generating is performed by the reader; (92) generating target information by connecting the received unique identification EPC_ T and the tag random number N_ T , wherein the generating is performed by the reader; (93) generating a CRC resultant value by performing CRC calculation on the target information as the CRC calculator, wherein the generating is performed by the reader; (94) generating a first authentication response RESP_ R1 by performing XOR on the CRC resultant value and the pre-change second encryption key Pold, wherein the generating is performed by the reader; and (95) transmitting the generated first authentication response RESP_ R1 to the tag, wherein the transmitting is performed by the reader.
  • a security level of an authentication process may be improved. Also, since a CRC function which is used in general message error checking is used instead of a heavy encryption function such as a hash function during message encryption, hardware restriction of a passive tag may be overcome and mutual authentication between a reader and a tag may be safely performed.
  • an illegal tag or reader may be prevented from accessing an RFID system and a relatively simple algorithm may be used.
  • In order to generate the tag response RESP_ T to be transmitted to the reader 200, the tag 100 generates the encrypted temporary identification EID_ T by using the unique identification EPC_ T , the first encryption key K1, and the second encryption key K2, and generates the tag response RESP_ T through CRC calculation by performing XOR on the reader random number N_ R and upper bits of the first encryption key K1 and performing XOR on the tag random number N_ T and lower bits of the first encryption key K1.
  • the tag 100 may generate a CRC calculator by performing XOR on the tag random number N_ T and the first encryption key K, generate target information by connecting the unique identification EPC_ T , the reader random number N_ R , and the tag random number N_ T , and generate a CRC resultant value by performing CRC calculation on the target information as the CRC calculator.
  • the aforesaid method and effects may apply to a case where the reader 200 transmits the reader response RESP_ R to the tag 100. That is, even though an illegal reader receives the reader response RESP_ R and the random numbers N_ R and N_ T , it is difficult to obtain a next response.
  • FIG. 1 is a diagram illustrating a radio frequency identification (RFID) system including a tag and a reader;
  • FIG. 2 is a flowchart illustrating a method for mutual authentication between the tag and the reader performed in the RFID system of FIG. 1, according to an embodiment of the present invention;
  • FIG. 3 is a flowchart illustrating operation 230 of FIG. 2 in which the tag generates and transmits a tag response RESP_ T by using a CRC calculation function;
  • FIG. 4 is a flowchart illustrating operation 240 of FIG. 2 in which the reader verifies the tag response RESP_ T by using the CRC calculation function and generates and transmits a reader response RESP_ R;
  • FIG. 5 is a flowchart illustrating operation 250 of FIG. 2 in which the tag verifies the reader response RESP_ R and updates first and second encryption keys K1 and K2;
  • FIG. 6 is a flowchart illustrating a method for mutual authentication between the tag and the reader performed in the RFID system of FIG. 1, according to another embodiment of the present invention;
  • FIG. 7 is a flowchart illustrating operation of FIG. 6 in which the tag generates and transmits a tag response RESP_ T by using a CRC calculation function;
  • FIG. 8 is a flowchart illustrating operation of FIG. 6 in which the reader verifies the tag response RESP_ T by using the CRC calculation function and generates and transmits a reader response RESP_ R ;
  • FIG. 9 is a flowchart illustrating operation 646 of FIG. 8 in which the reader generates and transmits a first authentication response RESP_ R1 to the tag;
  • FIG. 10 is a flowchart illustrating operation 650 of FIG. 6 in which the tag verifies the reader response RESP_ R and updates first and second encryption keys K and P.
  • FIG. 1 is a diagram illustrating a radio frequency identification (RFID) system including a tag 100 and a reader 200.
  • the tag 100, which is an integrated circuit (IC) chip including an integrated antenna, is inserted into equipment or an object and identified by the reader 200 using a radio frequency.
  • the tag 100 is classified, according to whether the tag 100 has a power source, into an active tag having a power source, a passive tag operated by an electromagnetic field of the reader 200 without an internal or external direct power supply, and a semi-passive tag having a power source that is used in an auxiliary manner to drive a sensor or the like, or may be classified according to whether read and write capability is supported.
  • the tag 100 may be classified according to a frequency band, or particularly, the tag 100 may be classified according to an RFID method as follows.
  • a passive tag is a read-only type, lightweight, and inexpensive, and may be used semi-permanently, but has a short range and large power consumption for the reader 200.
  • An active tag is a read/write type and has a long range and small power consumption for the reader 200, but has a limitation in operation time due to a power source attached thereto and is expensive.
  • Although the tag 100 is classified into an active tag and a passive tag according to whether the tag 100 has a power source, the active tag and the passive tag have almost the same functions, such as data storage or information exchange.
  • the RFID system has variable characteristics in terms of identification range, speed, and effect on the environment according to a frequency band in which the RFID system operates.
  • the reader 200 is connected to a PC, a personal digital assistant (PDA), or another terminal, which executes an application program, by using any of various communication methods such as RS-232/485, universal serial bus (USB), and wireless/local area network (W/LAN), and wirelessly transmits and receives data with the tag 100.
  • the reader 200 is a device for transmitting and receiving data with the tag 100 in order to read information of the tag 100, and transmits the information read from the tag 100 to a network.
  • the reader 200 may need to operate in various frequency bands such as 13.56 MHz, 900 MHz, and 433 MHz, and may identify a multi-code such as an EPC code and an ISO 18000 code.
  • the reader 200 transmits power and a command for operating the passive tag 100 to the tag 100 by means of a radio carrier wave, and receives a response from the tag 100 and restores a signal.
  • the reader 200 is roughly classified into a fixed-mount reader and a hand-held reader, and the hand-held reader is generally an integrated type including an antenna, and the fixed-mount reader is configured to be connected to 2 channels to 4 channels.
  • a challenge/response method is used.
  • a question is presented to a party to be authenticated and if the party provides a valid answer, the party is authenticated.
  • the reader 200 generates and transmits a reader random number to the tag 100.
  • the tag 100 transmits a value obtained by performing XOR on the reader random number and a key value that is unique tag information.
  • the reader 200 compares a value obtained by performing XOR on a key value of the tag 100, which is previously stored, and the reader random number with the value received from the tag 100. If the two values are identical to each other, the reader 200 authenticates the tag 100. This case may be referred to as one-way authentication because only the reader 200 authenticates the tag 100.
  • If the tag 100 also authenticates the reader 200, this case may be referred to as mutual authentication because the parties participating in authentication authenticate each other.
  • a CRC (cyclic redundancy check code) calculation function in the tag 100 is used in order to generate a response between the tag 100 and the reader 200.
  • a CRC is a code used to check whether there is an error in data when the data is transmitted.
  • a 16 bit CRC code is used, to detect whether there is an error in data transmission due to noise, interference or data collision in a radio frequency channel. That is, although a CRC is not used for security purposes, in the present embodiment, a CRC calculation function approved in the EPCglobal Class-1 Gen-2 Standard is used for an information security method.
  • FIG. 2 is a flowchart illustrating a method for mutual authentication between the tag 100 and the reader 200 in the RFID system of FIG.1, according to an embodiment of the present invention. A method for mutual authentication according to an embodiment of the present invention will now be explained with reference to FIG. 2.
  • the tag 100 and the reader 200 share tag information, that is, unique identification EPC_ T , a first encryption key K1, a second encryption key K2, and a temporary identification EID_ T .
  • the tag information may be stored in an external database (not shown) other than the reader 200. If the tag information is stored in the database, the reader 200 may access the database and read the tag information.
  • the reader 200 sharing the tag information generates a reader random number N_ R and transmits the reader random number N_ R to the tag 100.
  • the tag 100 receiving the reader random number N_ R from the reader 200 generates a tag response RESP_ T by using a CRC calculation function and transmits the tag response RESP_ T to the reader 200.
  • Operation 230 of FIG. 2 in which the tag 100 generates and transmits the tag response RESP_ T by using the CRC calculation function will now be explained with reference to FIG. 3 in detail.
  • the tag 100 generates an encrypted temporary identification EID_ T by using the unique identification EPC_ T , the first encryption key K1, and the second encryption key K2.
  • the tag 100 generates a tag response RESP_ T through CRC calculation by performing XOR on the received reader random number N_ R and upper bits of the first encryption key K1 and performing XOR on a tag random number N_ T and lower bits of the first encryption key K1.
  • the tag 100 transmits the generated temporary identification EID_ T , the tag random number N_ T , and the tag response RESP_ T to the reader 200.
  • the reader 200 receiving the tag response RESP_ T verifies the tag response RESP_ T by using a CRC calculation function, generates a reader response RESP_ R , and transmits the reader response RESP_ R to the tag 100.
  • Operation 240 of FIG. 2 in which the reader 200 verifies the tag response RESP_ T by using the CRC calculation function, and generates and transmits the reader response RESP_ R will now be explained with reference to FIG. 4 in detail.
  • the reader 200 calls up tag information corresponding to the temporary identification EID_ T received from the tag 100, that is, the unique identification EPC_ T , the first encryption key K1, and the second encryption key K2. If the tag information is stored in an external database (not shown), the reader 200 may access the database and read the tag information.
  • the reader compares a CRC resultant value obtained by performing XOR on the reader random number N_ R and upper bits of the first encryption key K1 and performing XOR on the tag random number N_ T and lower bits of the first encryption key K1 with the received tag response RESP_ T.
  • In operation 243, it is determined whether the CRC resultant value is identical to the tag response RESP_ T. If it is determined in operation 243 that the CRC resultant value is not identical to the tag response RESP_ T , the method proceeds to operation 244. In operation 244, a wrong response message WRONG-RESP is transmitted to the tag and the method ends.
  • Otherwise, the method proceeds to operation 245.
  • the reader 200 authenticates that the tag 100 is a legal tag.
  • In operation 246, the reader 200 generates a reader response RESP_ R through CRC calculation by performing XOR on the reader random number N_ R and lower bits of the first encryption key K1 and performing XOR on the tag random number N_ T and upper bits of the first encryption key K1, and transmits the reader response RESP_ R to the tag 100.
  • the tag 100 receiving the reader response RESP_ R of the reader 200 verifies the reader response RESP_ R and updates the first and second encryption keys K1 and K2.
  • Operation 250 of FIG. 2 in which the tag 100 verifies the reader response RESP_ R and updates the first and second encryption keys K1 and K2 will now be explained with reference to FIG. 5 in detail.
  • the tag 100 compares a CRC resultant value obtained by performing XOR on the reader random number N_ R and lower bits of the first encryption key K1 and performing XOR on the tag random number N_ T and upper bits of the first encryption key K1 with the reader response RESP_ R .
  • In operation 252, it is determined whether the CRC resultant value is identical to the reader response RESP_ R . If it is determined in operation 252 that the CRC resultant value is not identical to the reader response RESP_ R , the method proceeds to operation 253. In operation 253, a wrong response message WRONG_RESP is transmitted to the reader 200 and the method ends.
  • Otherwise, the method proceeds to operation 254.
  • the tag 100 authenticates that the reader 200 is a legal reader.
  • the tag 100 updates the first encryption key K1 and the second encryption key K2.
  • the tag 100 updates the first encryption key K1 by using a value obtained by performing CRC calculation on a result obtained by performing XOR on upper bits of the first encryption key K1 and lower bits of the second encryption key K2 and a value obtained by performing CRC calculation on a result obtained by XOR on lower bits of the first encryption key K1 and upper bits of the second encryption key K2.
  • the tag 100 updates the second encryption key K2 by using a value obtained by performing CRC calculation on a result obtained by performing XOR on upper bits of the first encryption key K1 and upper bits of the second encryption key K2 and a value obtained by performing CRC calculation on a result obtained by performing XOR on lower bits of the first encryption key K1 and lower bits of the second encryption key K2.
  • the tag 100 updates the first encryption key K1 and the second encryption key K2 and then transmits a response OK message OK_RESP to the reader 200.
  • the reader 200 receiving the response OK message OK_RESP updates the first encryption key K1 and the second encryption key K2.
  • the reader 200 updates the first and second encryption keys K1 and K2 in the same manner as that used for the tag 100, and thus an explanation thereof will not be given.
  • the method proceeds to operation 280.
  • In operation 280, mutual authentication between the tag 100 and the reader 200 is completed. If the tag 100 is authenticated to be a legal tag and the reader 200 is authenticated to be a legal reader, the reader 200 performs a remaining operation by using the unique identification EPC_ T obtained during the above authentication process. Also, for future authentication, the reader 200 calculates and stores in advance a new temporary identification EID_ T by performing XOR on the encryption keys K1 and K2 and the unique identification EPC_ T .
  • Since the responses RESP_ T and RESP_ R of the tag 100 and the reader 200 may be continuously changed as the first and second encryption keys K1 and K2 are continuously changed, a security level of the authentication process may be improved. Also, since a CRC function that is used for general message error checking is used instead of a heavy encryption function such as a hash function during message encryption, hardware restriction of a passive tag may be overcome and mutual authentication between a reader and a tag may be safely performed.
  • an illegal tag or reader may be prevented from accessing the RFID system and a relatively simple algorithm may be used.
  • In order to generate the tag response RESP_ T to be transmitted to the reader 200, the tag 100 generates the encrypted temporary identification EID_ T by using the unique identification EPC_ T , the first encryption key K1, and the second encryption key K2, and generates the tag response RESP_ T through CRC calculation by performing XOR on the reader random number N_ R received from the reader 200 and upper bits of the first encryption key K1 and performing XOR on the tag random number N_ T from the tag 100 and lower bits of the first encryption key K1.
  • Since the encrypted temporary identification EID_ T is generated by using the unique identification EPC_ T and the plurality of encryption keys K1 and K2, mutual authentication between the reader 200 and the tag 100 may be performed more safely.
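
The exchange of FIGS. 2 to 5 run end to end, as an added example that is not code from the patent: both sides compute RESP_T and RESP_R, rotate K1 and K2 after success, and a tag or reader holding a wrong K1 is answered with WRONG_RESP. Assumptions not stated on the page: 32-bit keys split into 16-bit halves, 16-bit random numbers, the two XOR results concatenated before the CRC, the two CRC values concatenated to form each new key, and all class and function names.

```python
import binascii
import secrets


def crc16(data: bytes) -> int:
    # CRC-16 of EPCglobal Class-1 Gen-2: polynomial 0x1021, preset 0xFFFF, result inverted.
    return binascii.crc_hqx(data, 0xFFFF) ^ 0xFFFF


def halves(key: int):
    # Assumption: "upper bits" and "lower bits" are the two 16-bit halves of a 32-bit key.
    return (key >> 16) & 0xFFFF, key & 0xFFFF


def crc_words(a: int, b: int) -> int:
    # Assumption: the two XOR results are concatenated and fed to the CRC as 4 bytes.
    return crc16(a.to_bytes(2, "big") + b.to_bytes(2, "big"))


def tag_response(k1: int, n_r: int, n_t: int) -> int:
    up, lo = halves(k1)
    return crc_words(n_r ^ up, n_t ^ lo)      # steps (c-2) and (d-2)


def reader_response(k1: int, n_r: int, n_t: int) -> int:
    up, lo = halves(k1)
    return crc_words(n_r ^ lo, n_t ^ up)      # step (d-4), operation 246


def update_keys(k1: int, k2: int):
    u1, l1 = halves(k1)
    u2, l2 = halves(k2)
    c = lambda v: crc16(v.to_bytes(2, "big"))
    new_k1 = (c(u1 ^ l2) << 16) | c(l1 ^ u2)
    new_k2 = (c(u1 ^ u2) << 16) | c(l1 ^ l2)
    return new_k1, new_k2


def temp_id(epc: int, k1: int, k2: int) -> int:
    return epc ^ k1 ^ k2                      # EID_T as the XOR described for operation 280


class Tag:
    def __init__(self, epc, k1, k2):
        self.epc, self.k1, self.k2 = epc, k1, k2

    def answer(self, n_r):
        self.n_r, self.n_t = n_r, secrets.randbits(16)
        eid = temp_id(self.epc, self.k1, self.k2)
        return eid, self.n_t, tag_response(self.k1, n_r, self.n_t)

    def finish(self, resp_r):
        if resp_r != reader_response(self.k1, self.n_r, self.n_t):
            return "WRONG_RESP"               # reader not authenticated, keys untouched
        self.k1, self.k2 = update_keys(self.k1, self.k2)
        return "OK_RESP"


class Reader:
    def __init__(self):
        self.db = {}                          # EID_T -> (EPC_T, K1, K2)

    def enroll(self, epc, k1, k2):
        self.db[temp_id(epc, k1, k2)] = (epc, k1, k2)

    def challenge(self):
        self.n_r = secrets.randbits(16)
        return self.n_r

    def check_tag(self, eid, n_t, resp_t):
        rec = self.db.get(eid)
        if rec is None or resp_t != tag_response(rec[1], self.n_r, n_t):
            return None                       # WRONG_RESP to the tag
        self.pending = eid
        return reader_response(rec[1], self.n_r, n_t)

    def finish(self, status):
        if status == "OK_RESP":               # rotate keys and pre-compute the next EID_T
            epc, k1, k2 = self.db.pop(self.pending)
            self.enroll(epc, *update_keys(k1, k2))


def authenticate(reader: Reader, tag: Tag) -> bool:
    eid, n_t, resp_t = tag.answer(reader.challenge())
    resp_r = reader.check_tag(eid, n_t, resp_t)
    if resp_r is None:
        return False
    status = tag.finish(resp_r)
    reader.finish(status)
    return status == "OK_RESP"


if __name__ == "__main__":
    EPC, K1, K2 = 0x3034257BF7194E4000001A85, 0x1A2B3C4D, 0x55AA33CC  # constructed values
    reader, tag = Reader(), Tag(EPC, K1, K2)
    reader.enroll(EPC, K1, K2)
    print("round 1:", authenticate(reader, tag))
    print("round 2 (rotated keys):", authenticate(reader, tag))
```
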
  • FIG. 6 is a flowchart illustrating a method for mutual authentication between the tag 100 and the reader 200 in the RFID system of FIG. 1, according to another embodiment of the present invention.
  • When the embodiment of FIG. 6 is compared with the embodiment of FIG. 2, operations respectively correspond to each other. However, there is a slight difference between the embodiment of FIG. 6 and the embodiment of FIG. 2 in that the temporary identification EID_ T is used in FIG. 2 whereas the temporary identification EID_ T is not used in FIG. 6 (see operation 210 of FIG. 2 and operation 610 of FIG. 6). Also, in FIG. 2, the first encryption key K1 and the second encryption key K2 are used to generate the temporary identification EID_ T of the tag 100 (see operation 231 of FIG. 3) and the first encryption key K1 is used to generate the responses RESP_ R and RESP_ T of the reader 200 and the tag 100 (see operations 231 and 246 of FIG. 3) whereas in FIG. 6, a first encryption key K is used to generate a tag response RESP_ T and a second encryption key P is used to generate a reader response RESP_ R .
  • FIG. 7 is a flowchart illustrating operation 630 of FIG. 6 in which the tag 100 generates a tag response RESP_ T by using a CRC calculation function and transmits the tag response RESP_ T .
  • operation 630 of FIG. 6 includes operations 631 through 635.
  • the tag 100 generates a CRC calculator G by performing XOR on a tag random number N_ T and the first encryption key K.
  • the CRC calculator G may be expressed by Equation 1.
  • the tag 100 generates target information F by connecting a unique identification EPC_ T , a reader random number N_ R , and the tag random number N_ T . Accordingly, the target information F may be expressed by Equation 2.
  • the tag 100 generates a CRC resultant value C by performing CRC calculation on the target information F using the CRC calculator G. Accordingly, the CRC resultant value C may be expressed by Equation 3.
  • the tag 100 generates a tag response RESP_ T by performing XOR on the CRC resultant value C and the first encryption key K. Accordingly, the tag response RESP_ T to be transmitted from the tag 100 to the reader 200 may be expressed by Equation 4.
  • the tag 100 transmits the unique identification EPC_ T , the tag random number N_ T , and the tag response RESP_ T to the reader 200.
  • FIG. 8 is a flowchart illustrating operation 640 of FIG. 6 in which the reader 200 verifies the tag response RESP_ T by using the CRC calculation function and generates and transmits a reader response RESP_ R .
  • operation 640 of FIG. 6 includes operations 641 through 648.
  • the reader 200 calls up a pre-change first encryption key Kold, a post-change first encryption key Knew, a pre-change second encryption key Pold, and a post-change second encryption key Pnew corresponding to the received unique identification EPC_T.
  • the reader 200 generates a first verification value RESP_V1 by using the pre-change first encryption key Kold.
  • an algorithm for generating the first verification value RESP_V1 is the same as that described with reference to FIG. 7, and thus an explanation thereof will not be given.
  • In operations 643 and 646, if the tag response RESP_T received from the tag 100 is identical to the first verification value RESP_V1, the reader 200 generates a first authentication response RESP_R1 and transmits the first authentication response RESP_R1 to the tag 100.
  • the pre-change second encryption key Pold is used in order to generate the first authentication response RESP_R1.
  • In operations 645 and 647, if the tag response RESP_T received from the tag 100 is identical to the second verification value RESP_V2, the reader 200 generates a second authentication response RESP_R2 and transmits the second authentication response RESP_R2 to the tag 100.
  • the post-change second encryption key Pnew is used in order to generate the second authentication response RESP_R2.
  • FIG. 9 is a flowchart illustrating operation 646 of FIG. 8 in which the reader 200 generates a first authentication response RESP_R1 and transmits the first authentication response RESP_R1 to the tag 100.
  • operation 647 of FIG. 8 in which the reader 200 generates a second authentication response RESP_R2 and transmits the second authentication response RESP_R2 to the tag 100 has the same operation as operation 646 of FIG. 9.
  • the pre-change second encryption key Pold is used in operation 646 whereas the post-change second encryption key Pnew is used in operation 647.
  • operation 646 of FIG. 8 in which the reader 200 generates a first authentication response RESP_R1 and transmits the first authentication response RESP_R1 to the tag 100 includes operations 91 through 95.
  • In operation 91, the reader 200 generates a CRC calculator by performing XOR on the pre-change second encryption key Pold and the received tag random number N_T (see Equation 1).
  • In operation 92, the reader 200 generates target information by connecting the received unique identification EPC_T and the tag random number N_T (see Equation 2).
  • In operation 93, the reader 200 generates a CRC resultant value by performing CRC calculation on the target information as the CRC calculator (see Equation 3).
  • In operation 94, the reader 200 generates a first authentication response RESP_R1 by performing XOR on the CRC resultant value and the pre-change second encryption key Pold (see Equation 3).
  • the reader 200 transmits the generated first authentication response RESP_R1 to the tag 100.
  • CRC characteristics may not be used in a state where the second encryption key P, which is continuously changed, may not be known. Accordingly, even though an illegal reader receives the tag random number N_T from the legal tag 100 and the reader response RESP_R from the legal reader 200, it is difficult to obtain a next response by using the CRC characteristics.
  • In operation 101, the tag 100 generates a verification value RESP_VE for the received reader response RESP_R.
  • the verification value RESP_VE is generated in the same manner as that described with reference to FIG. 9, and thus an explanation thereof will not be given.
  • the tag 100 determines whether the received reader response RESP_R is identical to the generated verification value RESP_VE.
  • the method proceeds to operation 103.
  • the tag 100 authenticates that the reader 200 is a legal reader.
  • the tag 100 updates the first encryption key K and the second encryption key P.
  • the method proceeds to operation 105.
  • the tag 100 transmits a wrong response message WRONG_RESP to the reader 200.
  • an illegal tag or reader may be prevented from accessing an RFID system and a relatively simple algorithm may be used.
  • In order to generate the tag response RESP_T to be transmitted to the reader 200, the tag 100 generates the encrypted temporary identification EID_T by using the unique identification EPC_T, the first encryption key K1, and the second encryption key K2, and generates the tag response RESP_T through CRC calculation by performing XOR on the reader random number N_R and upper bits of the first encryption key K1 and performing XOR on the tag random number N_T and lower bits of the first encryption key K1.
  • the tag 100 may generate a CRC calculator by performing XOR on the tag random number N_T and the first encryption key K, generate target information by connecting the unique identification EPC_T, the reader random number N_R, and the tag random number N_T, and generate a CRC resultant value by performing CRC calculation on the target information as the CRC calculator.
  • the aforesaid method and effects may apply to a case where the reader 200 transmits the reader response RESP_R to the tag 100. That is, even though an illegal reader receives the reader response RESP_R and the random numbers N_R and N_T, it is difficult to obtain a next response.
  • the present invention may be applied to mutual authentication for other wireless communication as well as RFID.

Landscapes

  • Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Health & Medical Sciences (AREA)
  • Toxicology (AREA)
  • Signal Processing (AREA)
  • Electromagnetism (AREA)
  • General Health & Medical Sciences (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Near-Field Transmission Systems (AREA)
  • Storage Device Security (AREA)

Abstract

A method for mutual authentication between a tag and a reader includes operations (a) through (f). In operation (a), tag information including a unique identification EPC_T, a first encryption key, and a second encryption key is stored by the tag and the reader. In operation (b), a reader random number N_R is generated and transmitted to the tag by the reader. In operation (c), a tag response RESP_T is generated by using a CRC calculation function and transmitted to the reader by the tag receiving the reader random number N_R. In operation (d), the tag response RESP_T is verified by using the CRC calculation function, and a reader response RESP_R to a result of the verification is generated and transmitted to the tag by the reader. In operation (e), the reader response RESP_R to the result of the verification received from the reader is verified by using the CRC calculation function and the first encryption key and the second encryption key are updated by the tag. In operation (f), the first encryption key and the second encryption key are updated by the reader.

Description

METHOD FOR MUTUAL AUTHENTICATION BETWEEN TAG AND READER IN RADIO FREQUENCY IDENTIFICATION SYSTEM
The present invention relates to a method for mutual authentication between a tag and a reader, and more particularly, to a method for mutual authentication between a tag and a reader which is performed in a radio frequency identification (RFID) system including the tag and the reader.
While a tag and a reader provide authentication using encryption for memory access or in response to special commands according to the Electronic Product Code (EPC)global Standard, general communication does not include authentication. In particular, specific authentication is not required to exchange an EPC that is information developed to identify a tag.
Accordingly, an illegal reader may obtain information for identifying a tag and an illegal tag may be identified by the illegal reader, thereby leading to a potential risk factor for a fatal consequence to a radio frequency identification (RFID) system. In order to avoid this problem, lots of technologies for mutual authentication between a tag and a reader have been suggested, but since these technologies use heavy encryption algorithms such as symmetric encryption and hash function, it is difficult to apply these technologies to an inexpensive RFID tag.
It is difficult to operate such an encryption algorithm in an inexpensive tag due to a large hardware gate area or high power consumption.
Accordingly, it is difficult to add authentication to the inexpensive tag, and an illegal tag or an illegal reader may operate in an RFID system without restriction. As a result, data of the RFID system may be contaminated due to wrong tag identification information to be transmitted, and since a tag has no way to determine whether a reader is legal or not, an illegal reader may easily obtain identification information from legal tags, thereby leading to a risk such as personal information leakage or RFID tag duplication.
The present invention provides a method for mutual authentication between a tag and a reader which may prevent an illegal tag or reader from accessing a radio frequency identification (RFID) system and may use a relatively simple algorithm.
According to an aspect of the present invention, there is provided a method for mutual authentication between a tag and a reader which is performed in an RFID system including the tag and the reader, the method including: (a) storing tag information comprising a unique identification EPC_T, a first encryption key, and a second encryption key, wherein the storing is performed by the tag and the reader; (b) generating a reader random number N_R and transmitting the reader random number N_R to the tag, wherein the generating and the transmitting are performed by the reader; (c) generating a tag response RESP_T by using a CRC calculation function and transmitting the tag response RESP_T to the reader, wherein the generating and the transmitting are performed by the tag receiving the reader random number N_R; (d) verifying the tag response RESP_T by using the CRC calculation function, generating a reader response RESP_R to a result of the verification, and transmitting the reader response RESP_R to the tag, wherein the verifying, the generating, and the transmitting are performed by the reader; (e) verifying the reader response RESP_R to the result of the verification received from the reader by using the CRC calculation function, and updating the first encryption key and the second encryption key, wherein the verifying and the updating are performed by the tag; and (f) updating the first encryption key and the second encryption key, wherein the updating is performed by the reader.
In operation (a), the tag information may further include a temporary identification EID_T.
The method may further include (g) generating a new temporary identification EID_T by using the unique identification EPC_T and the updated first and second encryption keys K1 and K2, wherein the generating is performed by the reader.
Operation (c) may include: (c-1) generating an encrypted temporary identification EID_T by using the unique identification EPC_T, and the first encryption key K1 and the second encryption key K2, wherein the generating is performed by the tag; (c-2) generating a tag response through CRC calculation by performing exclusive OR (XOR) on the reader random number N_R and upper bits of the first encryption key K1, performing XOR on a tag random number N_T and lower bits of the first encryption key K1, wherein the generating is performed by the tag; and (c-3) transmitting the generated temporary identification EID_T, the tag random number N_T, and the tag response RESP_T to the reader, wherein the transmitting is performed by the tag.
Operation (d) may include: (d-1) calling up the tag information comprising the unique identification EPC, the first encryption key K1, and the second encryption key K2 corresponding to the received temporary identification EID_T, wherein the calling is performed by the reader; (d-2) determining whether a CRC resultant value obtained by performing XOR on the reader random number N_R and upper bits of the first encryption key K1 and performing XOR on the tag random number N_T and lower bits of the first encryption key K1 is identical to the tag response RESP_T, wherein the determining is performed by the reader; (d-3) if it is determined that the CRC resultant value is identical to the tag response RESP_T, authenticating that the tag is a legal tag, wherein the authenticating is performed by the reader; and (d-4) generating a reader response RESP_R through CRC calculation by performing XOR on the reader random number N_R and lower bits of the first encryption key K1 and performing XOR on the tag random number N_T and upper bits of the first encryption key K1, and transmitting the reader response RESP_R to the tag, wherein the generating and the transmitting are performed by the reader.
Operation (c) may include: (c-1) generating a CRC calculator by performing XOR on a random number N_T and a first encryption key K, wherein the generating is performed by the tag; (c-2) generating target information by connecting the unique identification EPC_T, the reader random number N_R, and the tag random number N_T, wherein the generating is performed by the tag; (c-3) generating a CRC resultant value by performing CRC calculation on the target information as the CRC calculator, wherein the generating is performed by the tag; (c-4) generating a tag response RESP_T by performing XOR on the CRC resultant value and the first encryption key K, wherein the generating is performed by the tag; and (c-5) transmitting the unique identification EPC_T, the tag random number N_T, and the tag response RESP_T to the reader, wherein the transmitting is performed by the tag.
Operation (d) may include: (d-1) calling up a pre-change first encryption key Kold, a post-change first encryption key Knew, a pre-change second encryption key Pold, and a post-change second encryption key Pnew corresponding to the received unique identification EPC_T, wherein the calling is performed by the reader; (d-2) generating a first verification value RESP_V1 by using the pre-change first encryption key Kold, wherein the generating is performed by the reader; (d-3) if the tag response RESP_T received from the tag is identical to the first verification value RESP_V1, generating a first authentication response RESP_R1 and transmitting the first authentication response RESP_R1 to the tag, wherein the generating and the transmitting are performed by the reader; (d-4) if the tag response RESP_T received from the tag is not identical to the first verification value RESP_V1, generating a second verification value RESP_V2 by using the post-change first encryption key Knew, wherein the generating is performed by the reader; and (d-5) if the tag response RESP_T received from the tag is identical to the second verification value RESP_V2, generating a second authentication response RESP_R2 and transmitting the second authentication response RESP_R2 to the tag, wherein the generating and the transmitting are performed by the reader.
Operation (d-3) may include: (91) generating a CRC calculator by performing XOR on the pre-change second encryption key Pold and the received tag random number N_T, wherein the generating is performed by the reader; (92) generating target information by connecting the received unique identification EPC_T and the tag random number N_T, wherein the generating is performed by the reader; (93) generating a CRC resultant value by performing CRC calculation on the target information as the CRC calculator, wherein the generating is performed by the reader; (94) generating a first authentication response RESP_R1 by performing XOR on the CRC resultant value and the pre-change second encryption key Pold, wherein the generating is performed by the reader; and (95) transmitting the generated first authentication response RESP_R1 to the tag, wherein the transmitting is performed by the reader.
According to the embodiments of the present invention, since responses of a tag and a reader may be continuously changed as encryption keys are continuously changed, a security level of an authentication process may be improved. Also, since a CRC function which is used in general message error checking is used instead of a heavy encryption function such as a hash function during message encryption, hardware restriction of a passive tag may be overcome and mutual authentication between a reader and a tag may be safely performed.
That is, according to a method for mutual authentication between a tag and a reader according to the embodiments of the present invention, an illegal tag or reader may be prevented from accessing an RFID system and a relatively simple algorithm may be used.
For example, in order to generate the tag response RESP_T to be transmitted to the reader 200, the tag 100 generates the encrypted temporary identification EID_T by using the unique identification EPC_T, the first encryption key K1, and the second encryption key K2, and generates the tag response RESP_T through CRC calculation by performing XOR on the reader random number N_R and upper bits of the first encryption key K1 and performing XOR on the tag random number N_T and lower bits of the first encryption key K1.
In this case, since the encrypted temporary identification generated by using the unique identification EPC_T and the plurality of encryption keys K1 and K2 is used, mutual authentication between the reader 200 and the tag 100 may be further safely performed.
Also, since upper bits and lower bits of the first encryption key K1 are separately used in CRC calculation, even though an illegal tag receives the tag response RESP_T and the random numbers N_R and N_T, it is difficult to obtain a next response.
Meanwhile, in order to generate the tag response RESP_T to be transmitted to the reader 200, the tag 100 may generate a CRC calculator by performing XOR on the tag random number N_T and the first encryption key K, generate target information by connecting the unique identification EPC_T, the reader random number N_R, and the tag random number N_T, and generate a CRC resultant value by performing CRC calculation on the target information as the CRC calculator.
In this case, since the CRC calculator is continuously changed by the first encryption key K, CRC characteristics may not be used in a state where the first encryption key K, which is continuously changed, may not be known. Accordingly, even though an illegal tag receives the tag response RESP_T and the random numbers N_R and N_T, it is difficult to obtain a next response by using the CRC characteristics.
The aforesaid method and effects may apply to a case where the reader 200 transmits the reader response RESP_R to the tag 100. That is, even though an illegal reader receives the reader response RESP_R and the random numbers N_R and N_T, it is difficult to obtain a next response.
The above and other features and advantages of the present invention will become more apparent by describing in detail exemplary embodiments thereof with reference to the attached drawings in which:
FIG. 1 is a diagram illustrating a radio frequency identification (RFID) system including a tag and a reader;
FIG. 2 is a flowchart illustrating a method for mutual authentication between the tag and the reader performed in the RFID system of FIG. 1, according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating operation 230 of FIG. 2 in which the tag generates and transmits a tag response RESP_T by using a CRC calculation function;
FIG. 4 is a flowchart illustrating operation 240 of FIG. 2 in which the reader verifies the tag response RESP_T by using the CRC calculation function and generates and transmits a reader response RESP_R;
FIG. 5 is a flowchart illustrating operation 250 of FIG. 2 in which the tag verifies the reader response RESP_R and updates first and second encryption keys K1 and K2;
FIG. 6 is a flowchart illustrating a method for mutual authentication between the tag and the reader performed in the RFID system of FIG. 1, according to another embodiment of the present invention;
FIG. 7 is a flowchart illustrating operation of FIG. 6 in which the tag generates and transmits a tag response RESP_T by using a CRC calculation function;
FIG. 8 is a flowchart illustrating operation of FIG. 6 in which the reader verifies the tag response RESP_T by using the CRC calculation function and generates and transmits a reader response RESP_R;
FIG. 9 is a flowchart illustrating operation 646 of FIG. 8 in which the reader generates and transmits a first authentication response RESP_R1 to the tag; and
FIG. 10 is a flowchart illustrating operation 650 of FIG. 6 in which the tag verifies the reader response RESP_R and updates first and second encryption keys K and P.
The following description and the attached drawings are provided for better understanding of the present invention, and descriptions of techniques or structures related to the present invention which would be obvious to one of ordinary skill in the art will be omitted.
Also, the specification and the drawings should not be interpreted to limit the intended scope of the claims, and the scope of the present invention should be defined by the claims. The terms used in the specification should not be construed as being confined to common meanings or dictionary meanings but should be construed as meanings and concepts matching the technical spirit of the present invention in order to describe the present invention in the best fashion.
The present invention will now be described more fully with reference to the accompanying drawings, in which exemplary embodiments of the invention are shown.
FIG. 1 is a diagram illustrating a radio frequency identification (RFID) system including a tag 100 and a reader 200.
The tag 100, which is an integrated circuit (IC) chip including an integrated antenna, is inserted into equipment or an object and identified by the reader 200 using a radio frequency. The tag 100 is classified according to whether the tag 100 has a power source into an active tag having a power source, a passive tag operated due to an electromagnetic field of the reader 200 without an internal or external direct power supply, and a semi-passive tag having a power source that is used as an auxiliary source to drive a sensor or the like, or may be classified according to whether read and write capability is supported. The tag 100 may be classified according to a frequency band, or particularly, the tag 100 may be classified according to an RFID method as follows. In general, a passive tag is a read-only type, lightweight, and inexpensive, and may be used semi-permanently, but has a short range and large power consumption for the reader 200. An active tag is a read/write type and has a long range and small power consumption for the reader 200, but has a limitation in operation time due to a power source attached thereto and is expensive. Although the tag 100 is classified into an active tag and a passive tag according to whether the tag 100 has a power source, the active tag and the passive tag have almost the same functions such as data storage or information exchange. Also, the RFID system has variable characteristics in terms of identification range, speed, and effect on the environment according to a frequency band in which the RFID system operates.
The reader 200 is connected to a PC, a personal digital assistant (PDA), or another terminal, which executes an application program, by using any of various communication methods such as RS-232/485, universal serial bus (USB), and wireless/local area network (W/LAN), and wirelessly transmits and receives data with the tag 100. The reader 200 is a device for transmitting and receiving data with the tag 100 in order to read information of the tag 100, and transmits the information read from the tag 100 to a network. Currently, since an application range of the reader 200 is limited because an identification range and an identification precision are affected by the performance of an antenna and the surrounding environment, the reader 200 may need to operate in various frequency bands such as 13.56 MHz, 900 MHz, and 433 MHz, and may identify a multi-code such as an EPC code and an ISO 18000 code. The reader 200 transmits power and a command for operating the passive tag 100 to the tag 100 by means of a radio carrier wave, and receives a response from the tag 100 and restores a signal. The reader 200 is roughly classified into a fixed-mount reader and a hand-held reader, and the hand-held reader is generally an integrated type including an antenna, and the fixed-mount reader is configured to be connected to 2 channels to 4 channels.
In the present embodiment, in order to provide mutual authentication between the tag 100 and the reader 200, a challenge/response method is used. In the challenge/response method, a question is presented to a party to be authenticated and if the party provides a valid answer, the party is authenticated. For example, if the reader 200 generates and transmits a reader random number to the tag 100, the tag 100 transmits a value obtained by performing XOR on the reader random number and a key value that is unique tag information. The reader 200 compares a value obtained by performing XOR on a key value of the tag 100, which is previously stored, and the reader random number with the value received from the tag 100. If the two values are identical to each other, the reader 200 authenticates the tag 100. This case may be referred to as one-way authentication because only the reader 200 authenticates the tag 100. In addition, if the tag 100 authenticates the reader 200, this case may be referred to as mutual authentication because parties participating in authentication authenticate each other.
Also, in the present embodiment, instead of a heavy encryption algorithm such as a hash function, a CRC (cyclic redundancy check code) calculation function in the tag 100 is used in order to generate a response between the tag 100 and the reader 200. A CRC is a code used to check whether there is an error in data when the data is transmitted. In the EPCglobal Class-1 Gen-2 Standard, a 16 bit CRC code is used, to detect whether there is an error in data transmission due to noise, interference or data collision in a radio frequency channel. That is, although a CRC is not used for security purposes, in the present embodiment, a CRC calculation function approved in the EPCglobal Class-1 Gen-2 Standard is used for an information security method.
FIG. 2 is a flowchart illustrating a method for mutual authentication between the tag 100 and the reader 200 in the RFID system of FIG. 1, according to an embodiment of the present invention. A method for mutual authentication according to an embodiment of the present invention will now be explained with reference to FIG. 2.
In operation 210, the tag 100 and the reader 200 share tag information, that is, unique identification EPC_T, a first encryption key K1, a second encryption key K2, and a temporary identification EID_T. The tag information may be stored in an external database (not shown) other than the reader 200. If the tag information is stored in the database, the reader 200 may access the database and read the tag information.
In operation 210, the reader 200 sharing the tag information generates a reader random number N_R and transmits the reader random number N_R to the tag 100.
In operation 230, the tag 100 receiving the reader random number N_R from the reader 200 generates a tag response RESP_T by using a CRC calculation function and transmits the tag response RESP_T to the reader 200. Operation 230 of FIG. 2 in which the tag 100 generates and transmits the tag response RESP_T by using the CRC calculation function will now be explained with reference to FIG. 3 in detail.
In operation 231, the tag 100 generates an encrypted temporary identification EID_T by using the unique identification EPC_T, the first encryption key K1, and the second encryption key K2.
In operation 232, the tag 100 generates a tag response RESP_T through CRC calculation by performing XOR on the received reader random number N_R and upper bits of the first encryption key K1 and performing XOR on a tag random number N_T and lower bits of the first encryption key K1.
In operation 233, the tag 100 transmits the generated temporary identification EID_T, the tag random number N_T, and the tag response RESP_T to the reader 200.
Referring back to FIG. 2, in operation 240, the reader 200 receiving the tag response RESP_T verifies the tag response RESP_T by using a CRC calculation function, generates a reader response RESP_R, and transmits the reader response RESP_R to the tag 100. Operation 240 of FIG. 2 in which the reader 200 verifies the tag response RESP_T by using the CRC calculation function, and generates and transmits the reader response RESP_R will now be explained with reference to FIG. 4 in detail.
In operation 241, the reader 200 calls up tag information corresponding to the temporary identification EID_T received from the tag 100, that is, the unique identification EPC_T, the first encryption key K1, and the second encryption key K2. If the tag information is stored in an external database (not shown), the reader 200 may access the database and read the tag information.
In operation 242, the reader 200 compares a CRC resultant value obtained by performing XOR on the reader random number N_R and upper bits of the first encryption key K1 and performing XOR on the tag random number N_T and lower bits of the first encryption key K1 with the received tag response RESP_T.
In operation 243, it is determined whether the CRC resultant value is identical to the tag response RESP_T. If it is determined in operation 243 that the CRC resultant value is not identical to the tag response RESP_T, the method proceeds to operation 244. In operation 244, a wrong response message WRONG_RESP is transmitted to the tag and the method ends.
However, if it is determined in operation 243 that the CRC resultant value is identical to the tag response RESP_T, the method proceeds to operation 245. In operation 245, the reader 200 authenticates that the tag 100 is a legal tag.
In operation 246, the reader 200 generates a reader response RESP_R through CRC calculation by performing XOR on the reader random number N_R and lower bits of the first encryption key K1 and performing XOR on the tag random number N_T and upper bits of the first encryption key K1, and transmits the reader response RESP_R to the tag 100.
Referring back to FIG. 2, in operation 250, the tag 100 receiving the reader response RESP_R of the reader 200 verifies the reader response RESP_R and updates the first and second encryption keys K1 and K2. Operation 250 of FIG. 2 in which the tag 100 verifies the reader response RESP_R and updates the first and second encryption keys K1 and K2 will now be explained with reference to FIG. 5 in detail.
In operation 251, the tag 100 compares a CRC resultant value obtained by performing XOR on the reader random number N_R and lower bits of the first encryption key K1 and performing XOR on the tag random number N_T and upper bits of the first encryption key K1 with the reader response RESP_R.
In operation 252, it is determined whether the CRC resultant value is identical to the reader response RESP_R. If it is determined in operation 252 that the CRC resultant value is not identical to the reader response RESP_R, the method proceeds to operation 253. In operation 253, a wrong response message WRONG_RESP is transmitted to the reader 200 and the method ends.
However, if it is determined in operation 252 that the CRC resultant value is identical to the reader response RESP_R, the method proceeds to operation 254. In operation 254, the tag 100 authenticates that the reader 200 is a legal reader.
In operation 255, the tag 100 updates the first encryption key K1 and the second encryption key K2. The tag 100 updates the first encryption key K1 by using a value obtained by performing CRC calculation on a result obtained by performing XOR on upper bits of the first encryption key K1 and lower bits of the second encryption key K2 and a value obtained by performing CRC calculation on a result obtained by XOR on lower bits of the first encryption key K1 and upper bits of the second encryption key K2.
Next, the tag 100 updates the second encryption key K2 by using a value obtained by performing CRC calculation on a result obtained by performing XOR on upper bits of the first encryption key K1 and upper bits of the second encryption key K2 and a value obtained by performing CRC calculation on a result obtained by performing XOR on lower bits of the first encryption key K1 and lower bits of the second encryption key K2.
Referring back to FIG. 2, in operation 260, the tag 100 updates the first encryption key K1 and the second encryption key K2 and then transmits a response OK message OK_RESP to the reader 200.
In operation 270, the reader 200 receiving the response OK message OK_RESP updates the first encryption key K1 and the second encryption key K2. The reader 200 updates the first and second encryption keys K1 and K2 in the same manner as that used for the tag 100, and thus an explanation thereof will not be given.
If the reader 200 completely updates the first and second encryption keys K1 and K2, the method proceeds to operation 280. In operation 280, mutual authentication between the tag 100 and the reader 200 is completed. If the tag 100 is authenticated to be a legal tag and the reader 200 is authenticated to be a legal reader, the reader 200 performs a remaining operation by using the unique identification EPC_T obtained during the above authentication process. Also, for future authentication, the reader 200 previously calculates and stores a new temporary identification EID_T by performing XOR on the encryption keys K1 and K2 and the unique identification EPC_T.
According to the present embodiment, since the responses RESP_T and RESP_R of the tag 100 and the reader 200 may be continuously changed as the first and second encryption keys K1 and K2 are continuously changed, a security level of the authentication process may be improved. Also, since a CRC function that is used for general message error checking is used instead of a heavy encryption function such as a hash function during message encryption, hardware restriction of a passive tag may be overcome and mutual authentication between a reader and a tag may be safely performed.
That is, according to the method for mutual authentication between the tag 100 and the reader 200 according to the present embodiment, an illegal tag or reader may be prevented from accessing the RFID system and a relatively simple algorithm may be used.
Furthermore, in order to generate the tag response RESP_T to be transmitted to the reader 200, the tag 100 generates the encrypted temporary identification EID_T by using the unique identification EPC_T, the first encryption key K1, and the second encryption key K2, and generates the tag response RESP_T through CRC calculation by performing XOR on the reader random number N_R received from the reader 200 and upper bits of the first encryption key K1 and performing XOR on the tag random number N_T from the tag 100 and lower bits of the first encryption key K1.
Accordingly, since the encrypted temporary identification EID_T is generated by using the unique identification EPC_T and the plurality of encryption keys K1 and K2, mutual authentication between the reader 200 and the tag 100 may be further safely performed.
Also, since upper bits and lower bits of the first encryption key K1 are separately used in CRC calculation, even though an illegal tag receives the tag response RESP_T and the random numbers N_R and N_T, it is difficult to obtain a next response.
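The first embodiment's verification, key update, and temporary-identification rotation (operations 241 through 280), as an added Python example that is not code from the patent. The CRC-16/CCITT choice, the 32-bit keys with 16-bit halves and nonces, concatenation of the CRC inputs and outputs, computing both new keys from the old pair, the handling of an unknown EID_T, and all sample values are assumptions.

```python
import binascii

# Constructed sample values (assumptions, not from the patent).
EPC = 0x3034257BF7194E4000001A85
K1 = 0x1A2B3C4D
K2 = 0x5E6F7081

def crc16(*words):
    """CRC-16/CCITT via binascii.crc_hqx (initial value 0) over 16-bit words.
    The page does not name a CRC variant; this choice is an assumption."""
    return binascii.crc_hqx(b"".join(w.to_bytes(2, "big") for w in words), 0)

def halves(key):
    """Upper and lower 16 bits of a 32-bit key (assumed key size)."""
    return key >> 16, key & 0xFFFF

def resp_t(k1, n_r, n_t):
    """Tag response: CRC over (N_R xor K1 upper) || (N_T xor K1 lower)."""
    hi, lo = halves(k1)
    return crc16(n_r ^ hi, n_t ^ lo)

def resp_r(k1, n_r, n_t):
    """Reader response (operations 246 and 251): same form, halves swapped."""
    hi, lo = halves(k1)
    return crc16(n_r ^ lo, n_t ^ hi)

def update_keys(k1, k2):
    """Operations 255 and 270. Assumed: the two CRC values are concatenated
    and both new keys are derived from the old K1 and K2."""
    h1, l1 = halves(k1)
    h2, l2 = halves(k2)
    return ((crc16(h1 ^ l2) << 16) | crc16(l1 ^ h2),
            (crc16(h1 ^ h2) << 16) | crc16(l1 ^ l2))

def temp_id(epc, k1, k2):
    """EID_T = K1 xor K2 xor EPC_T (operation 280); keys land in the low bits."""
    return epc ^ k1 ^ k2

class Tag:
    def __init__(self, epc, k1, k2):
        self.epc, self.k1, self.k2 = epc, k1, k2

    def respond(self, n_r, n_t):
        return temp_id(self.epc, self.k1, self.k2), n_t, resp_t(self.k1, n_r, n_t)

    def finish(self, n_r, n_t, reader_resp):
        """Operations 251-260: verify the reader, then roll the keys."""
        if reader_resp != resp_r(self.k1, n_r, n_t):
            return "WRONG_RESP"
        self.k1, self.k2 = update_keys(self.k1, self.k2)
        return "OK_RESP"

class Reader:
    def __init__(self):
        self.db = {}                      # EID_T -> (EPC_T, K1, K2)

    def enroll(self, epc, k1, k2):
        self.db[temp_id(epc, k1, k2)] = (epc, k1, k2)

    def verify(self, n_r, eid, n_t, tag_resp):
        """Operations 241-246. Returns RESP_R, or None for WRONG_RESP.
        Treating an unknown EID_T as WRONG_RESP is an assumption."""
        rec = self.db.get(eid)
        if rec is None or tag_resp != resp_t(rec[1], n_r, n_t):
            return None
        return resp_r(rec[1], n_r, n_t)

    def finish(self, eid):
        """Operations 270-280: roll the keys, re-index under the new EID_T."""
        epc, k1, k2 = self.db.pop(eid)
        k1, k2 = update_keys(k1, k2)
        self.db[temp_id(epc, k1, k2)] = (epc, k1, k2)

def session(tag, reader, n_r, n_t):
    """One full exchange; nonces are passed in so the run is repeatable."""
    message = tag.respond(n_r, n_t)
    rr = reader.verify(n_r, *message)
    if rr is None:
        return "WRONG_RESP", message
    status = tag.finish(n_r, n_t, rr)
    if status == "OK_RESP":
        reader.finish(message[0])
    return status, message

if __name__ == "__main__":
    tag, reader = Tag(EPC, K1, K2), Reader()
    reader.enroll(EPC, K1, K2)
    status, first = session(tag, reader, 0xBEEF, 0x1234)
    print(status, hex(first[0]))
    # The recorded first message no longer matches any stored EID_T.
    print(reader.verify(0xBEEF, *first))
```

After a completed session the reader's record is indexed only by the new EID_T, so a message recorded before the key update is answered with WRONG_RESP.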
FIG. 6 is a flowchart illustrating a method for mutual authentication between the tag 100 and the reader 200 in the RFID system of FIG. 1, according to another embodiment of the present invention.
When the embodiment of FIG. 6 is compared with the embodiment of FIG. 2, operations respectively correspond to each other. However, there is a slight difference between the embodiment of FIG. 6 and the embodiment of FIG. 2 in that the temporary identification EID_T is used in FIG. 2 whereas the temporary identification EID_T is not used in FIG. 6 (see operation 210 of FIG. 2 and operation 610 of FIG. 6). Also, in FIG. 2, the first encryption key K1 and the second encryption key K2 are used to generate the temporary identification EID_T of the tag 100 (see operation 231 of FIG. 3) and the first encryption key K1 is used to generate the responses RESP_R and RESP_T of the reader 200 and the tag 100 (see operations 231 and 246 of FIG. 3) whereas in FIG. 6, a first encryption key K is used to generate a tag response RESP_T and a second encryption key P is used to generate a reader response RESP_R.
Meanwhile, when the embodiment of FIG. 6 is compared with the embodiment of FIG. 2, operations respectively correspond to each other, but operations 630 and 640 of FIG. 6 are different in content from operations 230 and 240 of FIG. 2. Accordingly, the following explanation will be made by focusing on differences with reference to FIGS. 7 through 10.
FIG. 7 is a flowchart illustrating operation 630 of FIG. 6 in which the tag 100 generates a tag response RESP_T by using a CRC calculation function and transmits the tag response RESP_T.
Referring to FIG. 7, operation 630 of FIG. 6 includes operations 631 through 635.
In operation 631, the tag 100 generates a CRC calculator G by performing XOR on a tag random number N_T and the first encryption key K.
Accordingly, the CRC calculator G may be expressed by Equation 1.
[Equation 1]
Figure PCTKR2010009276-appb-I000001
Accordingly, since the first encryption key K is continuously updated (see operations 650 and 660 of FIG. 6), a value of the CRC calculator G is continuously changed.
In operation 632, the tag 100 generates target information F by connecting a unique identification EPC_T, a reader random number N_R, and the tag random number N_T.  Accordingly, the target information F may be expressed by Equation 2.
[Equation 2]
Figure PCTKR2010009276-appb-I000002
In operation 633, the tag 100 generates a CRC resultant value C by performing CRC calculation on the target information F with the CRC calculator G. Accordingly, the CRC resultant value C may be expressed by Equation 3.
[Equation 3]
Figure PCTKR2010009276-appb-I000003
In operation 634, the tag 100 generates a tag response RESP_T by performing XOR on the CRC resultant value C and the first encryption key K. Accordingly, the tag response RESP_T to be transmitted from the tag 100 to the reader 200 may be expressed by Equation 4.
[Equation 4]
Figure PCTKR2010009276-appb-I000004
In operation 635, the tag 100 transmits the unique identification EPC_T, the tag random number N_T, and the tag response RESP_T to the reader 200.
According to such an algorithm as shown in FIG. 7, since the CRC calculator G is continuously changed by the first encryption key K, CRC characteristics may not be used in a state where the first encryption key K, which is continuously changed, may not be known. Accordingly, even though an illegal tag receives the tag response RESP_T and the random numbers N_R and N_T, it is difficult to obtain a next response by using the CRC characteristics. 
FIG. 8 is a flowchart illustrating operation 640 of FIG. 6 in which the reader 200 verifies the tag response RESP_T by using the CRC calculation function and generates and transmits a reader response RESP_R.
Referring to FIG. 8, operation 640 of FIG. 6 includes operations 641 through 648.
In operation 641, the reader 200 calls up a pre-change first encryption key Kold, a post-change first encryption key Knew, a pre-change second encryption key Pold, and a post-change second encryption key Pnew corresponding to the received unique identification EPC_T.
In operation 642, the reader 200 generates a first verification value RESP_V1 by using the pre-change first encryption key Kold. Here, an algorithm for generating the first verification value RESP_V1 is the same as that described with reference to FIG. 7, and thus an explanation thereof will not be given.
In operations 643 and 646, if the tag response RESP_T received from the tag 100 is identical to the first verification value RESP_V1, the reader 200 generates a first authentication response RESP_R1 and transmits the first authentication response RESP_R1 to the tag 100. The pre-change second encryption key Pold is used in order to generate the first authentication response RESP_R1.
In operations 643 and 644, if the tag response RESP_T received from the tag 100 is not identical to the first verification value RESP_V1, the reader 200 generates a second verification value RESP_V2 by using the post-change first encryption key Knew. Here, an algorithm for generating the second verification value RESP_V2 is the same as that described with reference to FIG. 7, and thus an explanation thereof will not be given.
In operations 645 and 647, if the tag response RESP_T received from the tag 100 is identical to the second verification value RESP_V2, the reader 200 generates a second authentication response RESP_R2 and transmits the second authentication response RESP_R2 to the tag 100. The post-change second encryption key Pnew is used in order to generate the second authentication response RESP_R2.
In operations 645 and 648, if the tag response RESP_T received from the tag 100 is not identical to the second verification value RESP_V2, the reader 200 transmits a wrong response message WRONG_RESP to the tag 100.
In such an algorithm as shown in FIG. 8, since the pre-change first encryption key Kold, the post-change first encryption key Knew, the pre-change second encryption key Pold, and the post-change second encryption key Pnew are used, an error due to a time difference between transmission and reception may be avoided.
FIG. 9 is a flowchart illustrating operation 646 of FIG. 8 in which the reader 200 generates a first authentication response RESP_R1 and transmits the first authentication response RESP_R1 to the tag 100. For reference, operation 647 of FIG. 8 in which the reader 200 generates a second authentication response RESP_R2 and transmits the second authentication response RESP_R2 to the tag 100 has the same operation as operation 646 of FIG. 9. However, there is a difference in that the pre-change second encryption key Pold is used in operation 646 whereas the post-change second encryption key Pnew is used in operation 647.
Referring to FIG. 9, operation 646 of FIG. 8 in which the reader 200 generates a first authentication response RESP_R1 and transmits the first authentication response RESP_R1 to the tag 100 includes operations 91 through 95.
In operation 91, the reader 200 generates a CRC calculator by performing XOR on the pre-change second encryption key Pold and the received tag random number N_T (see Equation 1).
In operation 92, the reader 200 generates target information by connecting the received unique identification EPC_T and the tag random number N_T (see Equation 2).
In operation 93, the reader 200 generates a CRC resultant value by performing CRC calculation on the target information as the CRC calculator (see Equation 3).
In operation 94, the reader 200 generates a first authentication response RESP_R1 by performing XOR on the CRC resultant value and the pre-change second encryption key Pold (see Equation 3).
In operation 95, the reader 200 transmits the generated first authentication response RESP_R1 to the tag 100.
According to such an algorithm as shown in FIG. 9, since the CRC calculator is continuously changed by the second encryption key P, CRC characteristics may not be used in a state where the second encryption key P, which is continuously changed, may not be known. Accordingly, even though an illegal reader receives the tag random number N_T from the legal tag 100 and the reader response RESP_R from the legal reader 200, it is difficult to obtain a next response by using the CRC characteristics.
Operation 650 of FIG. 6 in which the tag 100 verifies the reader response RESP_R and updates the first and second encryption keys K and P will now be explained with reference to FIG. 10.
In operation 101, the tag 100 generates a verification value RESP_VE for the received reader response RESP_R.  Here, the verification value RESP_VE is generated in the same manner as that described with reference to FIG. 9, and thus an explanation thereof will not be given.
In operation 102, the tag 100 determines whether the received reader response RESP_R is identical to the generated verification value RESP_VE.
If it is determined in operation 102 that the received reader response RESP_R is identical to the generated verification value RESP_VE, the method proceeds to operation 103. In operation 103, the tag 100 authenticates that the reader 200 is a legal reader. In operation 104, the tag 100 updates the first encryption key K and the second encryption key P.
If it is determined in operation 102 that the received reader response RESP_R is not identical to the generated verification value RESP_VE, the method proceeds to operation 105. In operation 105, the tag 100 transmits a wrong response message WRONG_RESP to the reader 200.
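The second embodiment's exchange (FIGS. 7 through 10) as an added Python example, not code from the patent: tag response, reader verification against the pre-change and post-change keys, reader response, and tag-side check. The 16-bit widths, the 96-bit EPC_T, the MSB-first CRC that uses G as its polynomial, the guard against G = 0, and all sample values are assumptions.

```python
import secrets

WIDTH = 16                  # assumed bit width of K, P, N_R, N_T and the CRC register
MASK = (1 << WIDTH) - 1
EPC_BITS = 96               # assumed EPC_T length

# Constructed sample values (assumptions, not from the patent).
EPC = 0x3034257BF7194E4000001A85
REC = {"K_old": 0x1A2B, "K_new": 0x9C4D, "P_old": 0x5E6F, "P_new": 0x7081}
N_R, N_T = 0xBEEF, 0x1234

def crc(value, nbits, poly):
    """MSB-first bitwise CRC of an nbits-wide integer; register starts at 0.
    poly holds the low WIDTH coefficients (the x^WIDTH term is implicit)."""
    reg = 0
    for i in range(nbits - 1, -1, -1):
        feedback = ((reg >> (WIDTH - 1)) & 1) ^ ((value >> i) & 1)
        reg = (reg << 1) & MASK
        if feedback:
            reg ^= poly
    return reg

def keyed_response(key, n_t, target, target_bits):
    """G = N_T xor key; C = CRC_G(target); response = C xor key.
    Returns None when G == 0: with an all-zero polynomial this register
    never leaves 0, so C would not depend on the target information."""
    g = (n_t ^ key) & MASK
    if g == 0:
        return None
    return crc(target, target_bits, g) ^ key

def tag_response(epc, k, n_r, n_t):
    """Operations 631-634: F = EPC_T || N_R || N_T, keyed with K."""
    f = (epc << (2 * WIDTH)) | (n_r << WIDTH) | n_t
    return keyed_response(k, n_t, f, EPC_BITS + 2 * WIDTH)

def reader_response(epc, p, n_t):
    """Operations 91-94: F = EPC_T || N_T, keyed with P."""
    f = (epc << WIDTH) | n_t
    return keyed_response(p, n_t, f, EPC_BITS + WIDTH)

def draw_tag_nonce(k, p):
    """Tag-side N_T that avoids G == 0 for either key (added guard)."""
    while True:
        n_t = secrets.randbits(WIDTH)
        if n_t not in (k, p):
            return n_t

def reader_verify(rec, epc, n_r, n_t, resp_t):
    """Operations 641-648: try K_old first, then K_new.
    Returns (matched key label or 'WRONG_RESP', RESP_R or None)."""
    for label in ("old", "new"):
        expected = tag_response(epc, rec["K_" + label], n_r, n_t)
        if expected is not None and expected == resp_t:
            resp_r = reader_response(epc, rec["P_" + label], n_t)
            if resp_r is not None:
                return "K_" + label, resp_r
    return "WRONG_RESP", None

def tag_verify(epc, p, n_t, resp_r):
    """Operations 101-102: recompute RESP_VE and compare with RESP_R."""
    expected = reader_response(epc, p, n_t)
    return expected is not None and expected == resp_r

if __name__ == "__main__":
    # Tag and reader in step: the pre-change keys match.
    status, resp_r = reader_verify(REC, EPC, N_R, N_T,
                                   tag_response(EPC, REC["K_old"], N_R, N_T))
    print(status, tag_verify(EPC, REC["P_old"], N_T, resp_r))
    # Tag already updated: the reader falls through to the post-change keys.
    status, resp_r = reader_verify(REC, EPC, N_R, N_T,
                                   tag_response(EPC, REC["K_new"], N_R, N_T))
    print(status, tag_verify(EPC, REC["P_new"], N_T, resp_r))
```

The second case is the one FIG. 8 exists for: a tag that has already updated its keys still authenticates, and it receives a reader response built from the matching second key.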
As described above, according to the embodiments of the present invention, since responses of a tag and a reader may be continuously changed as encryption keys are continuously changed, a security level of an authentication process may be improved. Also, since a CRC function which is used in general message error checking is used instead of a heavy encryption function such as a hash function during message encryption, hardware restriction of a passive tag may be overcome and mutual authentication between a reader and a tag may be safely performed.
That is, according to a method for mutual authentication between a tag and a reader according to the embodiments of the present invention, an illegal tag or reader may be prevented from accessing an RFID system and a relatively simple algorithm may be used.
For example, in order to generate the tag response RESP_T to be transmitted to the reader 200, the tag 100 generates the encrypted temporary identification EID_T by using the unique identification EPC_T, the first encryption key K1, and the second encryption key K2, and generates the tag response RESP_T through CRC calculation by performing XOR on the reader random number N_R and upper bits of the first encryption key K1 and performing XOR on the tag random number N_T and lower bits of the first encryption key K1.
In this case, since the encrypted temporary identification generated by using the unique identification EPC_T and the plurality of encryption keys K1 and K2 is used, mutual authentication between the reader 200 and the tag 100 may be further safely performed.
Also, since upper bits and lower bits of the first encryption key K1 are separately used in CRC calculation, even though an illegal tag receives the tag response RESP_T and the random numbers N_R and N_T, it is difficult to obtain a next response.
Meanwhile, in order to generate the tag response RESP_T to be transmitted to the reader 200, the tag 100 may generate a CRC calculator by performing XOR on the tag random number N_T and the first encryption key K, generate target information by connecting the unique identification EPC_T, the reader random number N_R, and the tag random number N_T, and generate a CRC resultant value by performing CRC calculation on the target information as the CRC calculator.
In this case, since the CRC calculator is continuously changed by the first encryption key K, CRC characteristics may not be used in a state where the first encryption key K, which is continuously changed, may not be known. Accordingly, even though an illegal tag receives the tag response RESP_T and the random numbers N_R and N_T, it is difficult to obtain a next response by using the CRC characteristics.
The aforesaid method and effects may apply to a case where the reader 200 transmits the reader response RESP_R to the tag 100. That is, even though an illegal reader receives the reader response RESP_R and the random numbers N_R and N_T, it is difficult to obtain a next response.
While the present invention has been particularly shown and described with reference to exemplary embodiments thereof using specific terms, the embodiments and terms have been used to explain the present invention and should not be construed as limiting the scope of the present invention defined by the claims. The preferred embodiments should be considered in a descriptive sense only and not for purposes of limitation. Therefore, the scope of the invention is defined not by the detailed description of the invention but by the appended claims, and all differences within the scope will be construed as being included in the present invention.
The present invention may be applied to mutual authentication for other wireless communication as well as RFID.

Claims (12)

  1. A method for mutual authentication between a tag and a reader which is performed in a radio frequency identification (RFID) system comprising the tag and the reader, the method comprising:
    (a) storing tag information comprising a unique identification EPC_T, a first encryption key, and a second encryption key, wherein the storing is performed by the tag and the reader;
    (b) generating a reader random number N_R and transmitting the reader random number N_R to the tag, wherein the generating and the transmitting are performed by the reader;
    (c) generating a tag response RESP_T by using a CRC calculation function and transmitting the tag response RESP_T to the reader, wherein the generating and the transmitting are performed by the tag receiving the reader random number N_R;
    (d) verifying the tag response RESP_T by using the CRC calculation function, generating a reader response RESP_R to a result of the verification, and transmitting the reader response RESP_R to the tag, wherein the verifying, the generating, and the transmitting are performed by the reader;
    (e) verifying the reader response RESP_R to the result of the verification received from the reader by using the CRC calculation function, and updating the first encryption key and the second encryption key, wherein the verifying and the updating are performed by the tag; and
    (f) updating the first encryption key and the second encryption key, wherein the updating is performed by the reader.
  2. The method of claim 1, wherein in operation (a), the tag information further comprises a temporary identification EID_T.
  3. The method of claim 2, further comprising (g) generating a new temporary identification EID_T by using the unique identification EPC_T and the updated first and second encryption keys K1 and K2, wherein the generating is performed by the reader.
  4. The method of claim 2, wherein operation (c) comprises:
    (c-1) generating an encrypted temporary identification EID_T by using the unique identification EPC_T, and the first encryption key K1 and the second encryption key K2, wherein the generating is performed by the tag;
    (c-2) generating a tag response through CRC calculation by performing exclusive OR (XOR) on the reader random number N_R and upper bits of the first encryption key K1 and performing XOR on a tag random number N_T and lower bits of the first encryption key K1, wherein the generating is performed by the tag; and
    (c-3) transmitting the generated temporary identification EID_T, the tag random number N_T, and the tag response RESP_T to the reader, wherein the transmitting is performed by the tag.
  5. The method of claim 4, wherein operation (d) comprises:
    (d-1) calling up the tag information comprising the unique identification EPC_T, the first encryption key K1, and the second encryption key K2 corresponding to the received temporary identification EID_T, wherein the calling is performed by the reader;
    (d-2) determining whether a CRC resultant value obtained by performing XOR on the reader random number N_R and upper bits of the first encryption key K1 and performing XOR on the tag random number N_T and lower bits of the first encryption key K1 is identical to the tag response RESP_T, wherein the determining is performed by the reader;
    (d-3) if it is determined that the CRC resultant value is identical to the tag response RESP_T, authenticating that the tag is a legal tag, wherein the authenticating is performed by the reader; and
    (d-4) generating a reader response RESP_R through CRC calculation by performing XOR on the reader random number N_R and lower bits of the first encryption key K1 and performing XOR on the tag random number N_T and upper bits of the first encryption key K1, and transmitting the reader response RESP_R to the tag, wherein the generating and the transmitting are performed by the reader.
  6. The method of claim 5, wherein operation (e) comprises:
    (e-1) determining whether a CRC resultant value obtained by performing XOR on the reader random number N_R and lower bits of the first encryption key K1 and performing XOR on the tag random number N_T and upper bits of the first encryption key K1 is identical to a reader response RESP_R, wherein the determining is performed by the tag;
    (e-2) if it is determined that the CRC resultant value is identical to the reader response RESP_R, authenticating that the reader is a legal reader, wherein the authenticating is performed by the tag; and
    (e-3) updating the first encryption key K1 and the second encryption key K2, wherein the updating is performed by the tag.
  7. The method of claim 6, wherein operation (e-3) comprises:
    updating the first encryption key K1 by using a value obtained by performing CRC calculation on a result obtained by performing XOR on upper bits of the first encryption key K1 and lower bits of the second encryption key K2 and a value obtained by performing CRC calculation on a result obtained by performing XOR on lower bits of the first encryption key K1 and upper bits of the second encryption key K2, wherein the updating is performed by the tag; and
    updating the second encryption key K2 by using a value obtained by performing CRC calculation on a result obtained by performing XOR on upper bits of the first encryption key K1 and upper bits of the second encryption key K2 and a value obtained by performing CRC calculation on a result obtained by performing XOR on lower bits of the first encryption key K1 and lower bits of the second encryption key K2, wherein the updating is performed by the tag.
  8. The method of claim 7, wherein operation (f) comprises:
    (f-1) receiving a reader authentication signal from the tag, wherein the receiving is performed by the reader;
    (f-2) updating the first encryption key K1 by using a value obtained by performing CRC calculation on a result obtained by performing XOR on upper bits of the first encryption key K1 and lower bits of the second encryption key K2 and a value obtained by performing CRC calculation on a result obtained by performing XOR on lower bits of the first encryption key K1 and upper bits of the second encryption key K2, wherein the updating is performed by the reader; and
    (f-3) updating the second encryption key K2 by using a value obtained by performing CRC calculation on a result obtained by performing XOR on upper bits of the first encryption key K1 and upper bits of the second encryption key K2 and a value obtained by performing CRC calculation on a result obtained by performing XOR on lower bits of the first encryption key K1 and lower bits of the second encryption key K2, wherein the updating is performed by the reader.
  9. The method of claim 1, wherein operation (c) comprises:
    (c-1) generating a CRC calculator by performing XOR on a random number N_T and a first encryption key K, wherein the generating is performed by the tag;
    (c-2) generating target information by connecting the unique identification EPC_T, the reader random number N_R, and the tag random number N_T, wherein the generating is performed by the tag;
    (c-3) generating a CRC resultant value by performing CRC calculation on the target information as the CRC calculator, wherein the generating is performed by the tag;
    (c-4) generating a tag response RESP_T by performing XOR on the CRC resultant value and the first encryption key K, wherein the generating is performed by the tag; and
    (c-5) transmitting the unique identification EPC_T, the tag random number N_T, and the tag response RESP_T to the reader, wherein the transmitting is performed by the tag.
  10. The method of claim 9, wherein operation (d) comprises:
    (d-1) calling up a pre-change first encryption key Kold, a post-change first encryption key Knew, a pre-change second encryption key Pold, and a post-change second encryption key Pnew corresponding to the received unique identification EPC_T, wherein the calling is performed by the reader;
    (d-2) generating a first verification value RESP_V1 by using the pre-change first encryption key Kold, wherein the generating is performed by the reader;
    (d-3) if the tag response RESP_T received from the tag is identical to the first verification value RESP_V1, generating a first authentication response RESP_R1 and transmitting the first authentication response RESP_R1 to the tag, wherein the generating and the transmitting are performed by the reader;
    (d-4) if the tag response RESP_T received from the tag is not identical to the first verification value RESP_V1, generating a second verification value RESP_V2 by using the post-change first encryption key Knew, wherein the generating is performed by the reader; and  
    (d-5) if the tag response RESP_T received from the tag is identical to the second verification value RESP_V2, generating a second authentication response RESP_R2 and transmitting the second authentication response RESP_R2 to the tag, wherein the generating and the transmitting are performed by the reader.
  11. The method of claim 10, wherein operation (d-3) comprises:
    (91) generating a CRC calculator by performing XOR on the pre-change second encryption key Pold and the received tag random number N_T, wherein the generating is performed by the reader;
    (92) generating target information by connecting the received unique identification EPC_T and the tag random number N_T, wherein the generating is performed by the reader;
    (93) generating a CRC resultant value by performing CRC calculation on the target information as the CRC calculator, wherein the generating is performed by the reader;
    (94) generating a first authentication response RESP_R1 by performing XOR on the CRC resultant value and the pre-change second encryption key Pold, wherein the generating is performed by the reader; and
    (95) transmitting the generated first authentication response RESP_R1 to the tag, wherein the transmitting is performed by the reader.
  12. The method of claim 10, wherein operation (e) comprises:
    (e-1) generating a verification value RESP_VE for the received reader response RESP_R, wherein the generating is performed by the tag;
    (e-2) determining whether the verification value RESP_VE is identical to the authentication value RESP_R, wherein the determining is performed by the tag;
    (e-3) if it is determined that the verification value RESP_VE is identical to the authentication value RESP_R, authenticating that the reader is a legal reader, wherein the authenticating is performed by the tag; and
    (e-4) updating the first encryption key K and the second encryption key P, wherein the updating is performed by the tag.
PCT/KR2010/009276 2009-12-24 2010-12-23 Method for mutual authentication between tag and reader in radio frequency identification system WO2011078603A2 (en)

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
KR10-2009-0131212 2009-12-24
KR20090131212 2009-12-24
KR1020100127864A KR20110074441A (en) 2009-12-24 2010-12-14 Method for mutual authentication between tag and reader in radio frequency identification system
KR10-2010-0127864 2010-12-14

Publications (2)

Publication Number Publication Date
WO2011078603A2 true WO2011078603A2 (en) 2011-06-30
WO2011078603A3 WO2011078603A3 (en) 2011-11-10

Family

ID=44196335

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2010/009276 WO2011078603A2 (en) 2009-12-24 2010-12-23 Method for mutual authentication between tag and reader in radio frequency identification system

Country Status (1)

Country Link
WO (1) WO2011078603A2 (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102419812A (en) * 2011-10-17 2012-04-18 黄廷彰 Radio identification label reading system for racing pigeons
CN106992861A (en) * 2017-05-24 2017-07-28 广东工业大学 A kind of wireless generation method of RFID keys and system with EPC labels
US10664398B2 (en) 2018-07-31 2020-05-26 International Business Machines Corporation Link-level cyclic redundancy check replay for non-blocking coherence flow
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system

Non-Patent Citations (3)

* Cited by examiner, † Cited by third party
Title
A. MENEZES ET AL. HANDBOOK OF APPLIED CRYPTOGRAPHY 1996, pages 397 - 405 *
BOO JOONG KANG ET AL.: 'RFID Mutual Authentication Protocol for an RFID System.' JOURNAL OF SECURITY ENGINEERING vol. 5, no. 5, October 2008, pages 371 - 380 *
YONG KI LEE ET AL.: 'Secure and Low-Cost RFID Authentication Protocols.' INTERNATIONAL WORKSHOP ON ADAPTIVE WIRELESS NETWORKS November 2005, SAINT LOUIS, MISSOURI, USA, *

Also Published As

Publication number Publication date
WO2011078603A3 (en) 2011-11-10

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application. Ref document number: 10839800; Country of ref document: EP; Kind code of ref document: A1
NENP Non-entry into the national phase in: Ref country code: DE
122 Ep: pct application non-entry in european phase. Ref document number: 10839800; Country of ref document: EP; Kind code of ref document: A2