TIIS (Çѱ¹ÀÎÅͳÝÁ¤º¸ÇÐȸ)
| ÇѱÛÁ¦¸ñ(Korean Title) |
Attacks and Countermeasures for RFID Mutual Authentication Scheme in Pervasive Computing Environment |
| ¿µ¹®Á¦¸ñ(English Title) |
Attacks and Countermeasures for RFID Mutual Authentication Scheme in Pervasive Computing Environment |
| ÀúÀÚ(Author) |
Abedelaziz Mohaisen
Ku-Young Chang
Dowon Hong
|
| ¿ø¹®¼ö·Ïó(Citation) |
VOL 05 NO. 09 PP. 1684 ~ 1697 (2011. 09) |
Çѱ۳»¿ë
(Korean Abstract) |
|
¿µ¹®³»¿ë
(English Abstract) |
We show that two protocols for RFID mutual authentication in pervasive computing environments, recently proposed by Kang et al, are vulnerable to several attacks. First, we show these protocols do not preserve the privacy of users' location. Once a tag is authenticated successfully, we show several scenarios where legitimate or illegitimate readers can trace the location of that tag without any further information about the tag's identifier or initial private key. Second, since the communication between readers and the database takes place over an insecure communication channel and in the plaintext form, we show scenarios where a compromised tag can gain access to confidential information that the tag is not supposed get access to. Finally, we show that these protocols are also vulnerable to the replay and denial-of-service attacks.
While some of these attacks are due to simple flaws and can be easily fixed, others are more fundamental and are due to relaxing widely accepted assumptions in the literature. We examine this issue, apply countermeasures, and re-evaluate the protocols overhead after taking these countermeasures into account and compare them to other work in the literature.
|
| Å°¿öµå(Keyword) |
RFID
mutual authentication
attacks and countermeasures
pervasive computing environments
|
| ÆÄÀÏ÷ºÎ |
PDF ´Ù¿î·Îµå
|
