RFID在近年來廣泛的被應用於交通運輸與供應鏈管理等領域,以更有效率地即時追蹤管理,降低物流成本;目前更應用於新一代的近端付款上。然而,由於RFID採用非接觸式的遠距離讀取,在空中傳輸的機密資料,很容易遭到竊聽甚至是冒用;RFID tag內存的資料也可能遭到惡意的竄改;非法的RFID reader也可能進行未經授權的資料蒐集,分析消費者的購物習性,或是透過RFID tag 所傳出的固定值,追蹤消費者的位置。 目前已有許多研究針對RFID的安全問題提出了不少解決方案,這些解決方案多假設RFID reader與後端資料庫的傳輸架構在企業內部的有線環境,而通常將其定義為安全通訊區段。然而目前許多的應用環境需使用手持式(行動式)的RFID reader,以無線的方式與後端資料庫連結,因此本研究將使用隨機雜湊鎖的方法提出改善的協定,並在兼顧安全、效率以及EPC網路相容性的前提下,使RFID系統的安全性無需建立於這些假設之上。
Interests continue to grow in recent years for the adoption of Radio Frequency Identification (RFID) in many different areas including transportation and supply chain management. However, because of the contact-less retrieval, the transmission of data in the air is very vulnerable to eavesdropping or appropriation. A primary security concern surrounding RFID technology is the illicit tracking of consumer location and analyzing of their shopping habits or behavior. Recently, there are many solutions are proposed for RFID security, but most of the existing solutions assume the channel between RFID reader and the back-end database is secure, for it is structured in the wired environment of enterprise's interior. However, nowadays the wireless portable RFID readers are widely used to connect back-end databases. Therefore, this research will propose a lightweight secure protocol using randomized hash lock method without depending on the assumption mentioned above.