Protecting Your Privacy with a Mobile Agent Device in RFID Environment Authors: Sang-Soo Yeo, Soo-Cheol Kim, Sung Kwon Kim, Gilcheol Park, Seok Soo Kim, Ki-Sung Yang, Sung-Eon Cho Sources: Wireless Personal Communication, vol. 51, no. 1, pp. 165-178, 2009 Speaker: C. H. Wei Date: 2009.10.31
Outline • The Problem • MARP • eMARP • Security and efficiency analysis • Conclusion • Comments
The Problem • An attacker can eavesdrop the tag’s PIN. (mode change key of the tag t) • There are many readers and agents in system, it will decrease overall performance of MARP scheme.
Security and efficiency analysis • Eavesdropping • One-way hash function and self refreshed PINt • Most of communication are performed using a public key cryptosystem, it is safe from eavesdropping • Spoofing attack • Only authenticated reader or agent , who know secret PIN of the tag • Location tracking • Tag forgery
Comments • The problem is solved • An attacker can eavesdrop the tag’s PIN. • There are many readers and agents in system, it will decrease overall performance of MARP scheme.
Comments (cont.) • Advantage • This paper integrate mobile agent and public-key center to replace the disadvantage that the efficiency of the tag is not enough and security. • Disadvantage • eMARP cannot resist Spoofing attack • eMARP cannot resist Location tracking
h(PINt)1♁h(Keyt) ♁ h(PINt)2♁h(Keyt) =h(PINt)1♁h(PINt)2 h(PINt)1♁h(PINt)2 ♁h(PINt)2 =h(PINt)1 h(PINt)1 ♁h(PINt)1♁h(Keyt) =h(Keyt)………Registration phase h(Keyt) ♁Rs ♁ h(Keyt) = Rs