Design of RFID system security research and vulnerability scanning tools
|School||University of Electronic Science and Technology|
|Course||Information and Communication Engineering|
|Keywords||RFID, EPC C1G2, Secure Authentication Protocol, RFID vulnerability modeling|
RFID (Radio Frequency Identification) has been widely used in a variety of areas because of its simple operation and few restrictions on the working environment. However, the lack of a lightweight, high-security authentication protocol in the front-end system, which consists of the tag and the reader, means that RFID has many security vulnerabilities. These vulnerabilities seriously affect the further application of RFID and have attracted wide attention from scholars, so establishing an effective mechanism for vulnerability scanning is particularly important. The EPC C1G2 standard is the most recognized standard in the current RFID UHF bands, but its own security is weak; this thesis focuses on improving it in order to add a two-way authentication function.

Based on the project of key technologies of wireless transmission of information security and industrial applications, the thesis studies the security of RFID systems from both theoretical and practical aspects. The author first designs a lightweight security authentication protocol and then designs and implements the RFID system vulnerability scanning tool. The research and development work in this thesis focuses on the following aspects:

1. The author studies the security vulnerabilities of the RFID system in a systematic way, examining the causes and attack methods of vulnerabilities arising from tags, readers, the communication channel between tags and readers, and back-end systems. The thesis establishes a common model for discovering RFID vulnerabilities; based on the composition of the system, the model can be divided into four sub-models: the TR model, TRB model, TRMBE model and TRMBEC model.
2. Based on the TR model, the author designs a scanning tool for the RFID front-end system. This tool can be used in LF, HF, and UHF to detect and attack security vulnerabilities and then produce a test report. This tool has already been used in the Ministry of Industry and Information Technology 5th Electronics Research Institute Saibao laboratory.
3. The security vulnerabilities in the front end of the TR model are caused to a large extent by the lack of a security protocol between tags and reader. The thesis further analyzes the security factors of the EPC C1G2 protocol, which is widely used in UHF. To address its weaknesses, namely that it is easily subject to illegal access, tracking and eavesdropping, the thesis designs an enhanced EPC C1G2 authentication protocol.
4. The thesis uses BAN logic to analyze and verify the improved protocol; building on this theoretical verification, the author tests it further through simulation.

Based on the study of the above four aspects, this thesis systematically studies the security problems in RFID systems and improves the UHF EPC C1G2 protocol, thereby reinforcing the system's security performance.