- 學位論文
改良之Gen2v2標籤認證協定與模擬實作
Design And Implement of Improved Gen2v2 Authentication Protocol
摘要
EPCglobal推出的 Gen2 RFID除了原先的物流應用外,已被廣泛地應用在其他領域-如: 身分認證、存取控制等等;這些應用也突顯出原先Gen2 標準安全保護不足的弱點。2013年EPCglobal因此公布了新一代Gen2規格- Gen2v2;最近Engels 等人提出了針對 Gen2v2雙向認證機制。然而我們發現該機制無法防止tag 或reader被偽造攻擊;本研究指出這些缺點,並以 AES的CFB、CBC、 OFB 三種加密mode提出安全的安全認證方法。最後以程式語言模擬如何成功攻擊Engels等人的機制和模擬我們所提出的三種更安全的認證機制來驗證我們的理論。
並列摘要
EPCglobal introduced Gen2 RFID to facilitate the logistics applications, and it has been widely used in other application areas - such as: identity authentication, access control, etc. However, Gen2 did not provide the required security properties these applications need. Therefore ,EPCglobal published a new generation - Gen2v2 specification; the new standards add several security commands, file management commands and privacy protection commands to set a foundation and building blocks for various secure applications. Engels et al., based on Gen2v2, proposed authentication and key agreement schemes. However, we find that the schemes can not protect tag or reader from forgery attacks. This study points out these shortcomings , and proposes improved schemes. Finally, we simulate our attacks and improved schemes, and the results verify our attacks and improvements.
參考文獻
被引用紀錄
延伸閱讀
- Huang, T. C. (2004). 進階交換協定之功能驗證環境 [master's thesis, National Taiwan University]. Airiti Library. https://doi.org/10.6342/NTU.2004.00179
- 張容彬、張筱祺(2006)。標準作業程序之落實探討。工業安全衛生,(199),8-16。https://doi.org/10.6311/ISHM.200601_(199).0002
- 賴欣怡(2015)。具服務品質保證之DOCSIS與IEEE802.11異質網路轉換機制之研究〔碩士論文,淡江大學〕。華藝線上圖書館。https://doi.org/10.6846/TKU.2015.00090
- Tian, X. J., Zhu, R. W., & Wong, D. S. (2007). Improved Efficient Remote User Authentication Schemes. International Journal of Network Security, 4(2), 149-154. https://doi.org/10.6633/IJNS.200703.4(2).04
- 王維浩(2010)。Remote Authentication Scheme for Multi-servers〔碩士論文,淡江大學〕。華藝線上圖書館。https://doi.org/10.6846/TKU.2010.00610