EPCglobal推出的 Gen2 RFID除了原先的物流應用外,已被廣泛地應用在其他領域-如: 身分認證、存取控制等等;這些應用也突顯出原先Gen2 標準安全保護不足的弱點。2013年EPCglobal因此公布了新一代Gen2規格- Gen2v2;最近Engels 等人提出了針對 Gen2v2雙向認證機制。然而我們發現該機制無法防止tag 或reader被偽造攻擊;本研究指出這些缺點,並以 AES的CFB、CBC、 OFB 三種加密mode提出安全的安全認證方法。最後以程式語言模擬如何成功攻擊Engels等人的機制和模擬我們所提出的三種更安全的認證機制來驗證我們的理論。
EPCglobal introduced Gen2 RFID to facilitate the logistics applications, and it has been widely used in other application areas - such as: identity authentication, access control, etc. However, Gen2 did not provide the required security properties these applications need. Therefore ,EPCglobal published a new generation - Gen2v2 specification; the new standards add several security commands, file management commands and privacy protection commands to set a foundation and building blocks for various secure applications. Engels et al., based on Gen2v2, proposed authentication and key agreement schemes. However, we find that the schemes can not protect tag or reader from forgery attacks. This study points out these shortcomings , and proposes improved schemes. Finally, we simulate our attacks and improved schemes, and the results verify our attacks and improvements.