隨著無線射頻識別系統(RFID, Radio Frequency Identification)技術的進步,人工智慧以及物聯網蓬勃發展,各行各業也開始應用RFID於工作中,本研究著重研究智慧物流相關的RFID驗證機制,物流業所需要的驗證機制需要具備低成本及高效率兩要素,在兼顧兩者的同時,也必須有良好的防禦能力,讓資料在傳輸的過程中不受到攻擊。
近年來已經有許多學者提出RFID的安全機制,其中本研究發現Palli等人於2021年提出的驗證機制具有 RFID 驗證所需的低運算成本及低儲存空間的特性,但經由安全性分析,發現如攻擊者可讀取標籤中的資訊,並取得驗證過程中的訊息,將會遭到仿冒等攻擊。此外,Alzahrani等人於2022年提出的驗證機制具有實用的價值,但本研究發現該機制也存在著安全漏洞,攻擊者將可以藉由漏洞仿冒使用者,危害機制的安全。
為能提供一個高效率及具有防禦能力的機制,本研究以Palli等人及Alzahrani等人的機制為基礎,提出改良的RFID驗證機制,並藉由安全性及效能分析,證明增強機制能夠提供更佳的驗證效率以及較佳的防禦能力,使增強機制更符合RFID實務應用的需求。
With the advancement of Radio Frequency Identification (RFID) technology, artificial intelligence and the Internet of Things booming, various industries have begun to apply RFID in their work. This study focuses on the RFID authentication mechanism related to smart logistics. The authentication mechanism required by the logistics industry needs to have two elements: low cost and high efficiency. While considering both, it must also have good defense capabilities to prevent data from being attacked during transmission.
In recent years, many scholars have proposed RFID security mechanisms. This study found that the authentication mechanism proposed by Palli et al. in 2021 has the characteristics of low computing cost and low storage space required for RFID authentication. However, after security analysis, it was found that if an attacker can read the information in the tag and obtain it during the authentication process, it will be attacked by counterfeiting and other attacks. In addition, the authentication mechanism proposed by Alzahrani et al. in 2023 has practical value, but this study found that this mechanism also has security loopholes. Attackers can use the loopholes to impersonate users and compromise the mechanism's security.
In order to provide a highly efficient and defensive mechanism, this study proposes an improved RFID authentication mechanism based on the mechanism of Palli et al. and Alzahrani et al., and through security and performance analysis, proves that the enhanced mechanism can provide better. The best authentication efficiency and better defense capabilities make the improved mechanism more in line with the needs of RFID practical applications.
