Radio frequency identification (RFID) technology is a non-contact automatic identification technology. It automatically identifies the target and obtains relevant data through RF signal. The identification work does not need manual intervention, which is equivalent to wireless bar code. This technology has broad application prospects and has been widely used in many fields. However, the invasion of privacy brought by RFID, especially the nature of user tracking and identification, has attracted considerable attention and opposition. On the other hand, with the gradual application of RFID in authentication fields such as identity recognition and the improvement of RFID authentication security requirements, the harm of forged RFID to applications is gradually reflected.

1 RFID introduction

Rftid system usually consists of an RFID chip attached to the object to be marked, an RFID reader communicating with the RFID chip through RF, and a background database in which the information related to the object is stored. Because these tiny and cheap chips make automatic contactless identification possible, RFID has been widely used in many fields, such as supply chain management, bank bills, access control, identity recognition and so on. However, most RFID systems face a problem of identification security and privacy protection. In fact, these problems prevent the development of RFID to a certain extent. RFID chips can be divided into passive and active. Passive RFID

The chip is powered by an RFID reader. The reader sends RF RFID to activate a range of chips and provide energy. Active RFID chip has its own power supply, and its transmission range can often reach tens or even hundreds of meters. However, due to the requirements of size and process, this kind of chip is expensive, and its application is often limited by the service life of power supply.

RFID chip can be divided into read-only and read-write. The read-only chip contains a unique identification number and cannot be changed. However, the read-write chip allows updating the information it stores. Our scheme is suitable for passive and active RFID chips. Because the scheme requires data update, it can only be used to read and write RFID chips.

2 RFID Security Status

Due to the limited computing power and storage capacity, the traditional cryptographic security protocols can not be implemented in RFID systems. In addition, the open communication channel between the chip and the reader is also vulnerable to eavesdropping, man in the middle attack, spoofing, etc. RFID security issues [1] are mainly reflected in the following aspects:

① System security: in an open RFID system, attackers have a variety of intrusion channels and can choose a variety of attack methods. For example, DoS attacks can cause system paralysis. A system that can run healthily for a long time is the premise of safety.

② Privacy security: information disclosure and user tracking are the main problems of RFID Privacy Security. The solution to information leakage is to save only one ID on RFID, and store the really useful information in the background database and extract it through ID. But this still doesn’t solve the traceable problem. The problem of user tracking is relatively complex, and its solution often needs to adopt appropriate ID refresh mechanism and database RFID synchronization mechanism.

③ Authentication security: compared with privacy security, authentication security receives much less attention. In fact, many famous RFID protocols directly ignore authentication security. Therefore, most RFID chips cannot resist forgery attacks. The target chip can be cloned successfully by simply reading the target chip and replaying the results later. When analyzing the authentication security of RFID system, we usually assume that the communication channel between the reader and the background database is secure (for example, an encrypted tunnel is established through a two-way SSL Protocol). So we focus on the communication channel between the chip and the reader. Authentication can exist in two directions. Of course, the two-way authentication protocol is relatively complex.

Traceable meaning: the RFID tag will respond to the query of any reader (in some schemes, the reader must authenticate itself to get the response of the tag). Traceable means that the tracker can distinguish which are from the same tag in the response to multiple RFID tags. We should distinguish the two concepts of cryptography based tracking and physical based tracking. Physical tracking uses means other than algorithms, such as directly tracking the holder, installing radio transmitting devices on the holder, and so on. The tracking in the sense of cryptography makes no assumptions about the time and place between multiple queries of the studied tag. For example, the first query sample may come from the sporadic transaction data collected on the Internet, while the second query sample comes from the query response of a tag to the reader. Can the tracker distinguish whether the two transactions come from the same tag.

3 design of RFID tag information reading module with personal information protection

The hardware platform (trust platform module chip) can refer to the equipment designed by Texas Instruments to read their tag ittm (HF) RFID tags [2]

, but its key storage database needs to be modified. The modules to be considered in the design are the core part, policy design part and user agent. The detailed structure of the system is shown in Figure 1.

The design of RFID tag information reading module greatly reduces the possibility of privacy disclosure

Core part: this part adopts operating system (Linux), wireless communication interface connected with hardware platform, communication protocol (TCP / IP), and basic functions of reading RFID tag data. It can well contact with the trusted platform module, and ensure that this module can always accurately reflect the configuration of the reader and monitor any process running in the core. And each specific application running on the core program can not modify the data of the core part, and the core part process can not endanger the security of the trust platform. In terms of protecting the user’s private information, unless it complies with the security policy, the decryption key of RFID tag will be used to unlock and read the user’s private information.

Policy engine: it is a software module for reading system to operate on the basis of privacy protection and friendly interface. The policy engine has two main components: ① decide whether the tag can be scanned by the reading system and whether it has permission to process the read data. ② Whether RFID information can be read and decoded. When a password is needed to decrypt some special RFID codes or identify an RFID tag, the policy engine will provide the password to the core part, and then let the core part perform the above tasks. We also need such a password to upgrade the policy engine or migrate the policy from one reading system to another without changing the core part of the lower layer, that is, the policy running in the original core part can still be used.

User agent: the user agent is based on the core part of the system and the policy engine and can effectively combine them to provide effective services for users. It is used to execute the information protection policy and monitor the implementation of the policy. At the same time, it also has the system audit function to ensure that some specific RFID codes can be known by the users specified in the information protection policy.

In addition to the improved design of the above system structure, starting from the chip hardware itself, for example, the recent research of IBM can be adopted

The RFID chip using “cut label” technology. After shopping, consumers tear off or scrape off the RFID antenna, so that the chip reading distance will be greatly reduced (reduced to 1 to 2 inches), which greatly reduces the possibility of privacy disclosure, and protects the interests of consumers, manufacturers and traders.

4 Summary and Prospect

At present, the design of electronic label chip has been localized in China, and many domestic enterprises can design and produce electronic label chip in line with international standards. Therefore, the working frequency of the RFID tag to be used in this system will be set as low frequency (LF) and 15MHz, and the domestic RFID tag chip manufactured under the foreign standard CMOS process will be introduced. In addition, the chip also requires the use of ultra-low power analog circuits, because this will directly affect the reading distance and overall performance of the chip. This RFID will apply a short-range 13.56MHz RFID antenna (< >

At the same time, the University’s communication laboratory can provide good wireless communication research equipment and places, so as to realize the model of multi-functional intelligent e-ticket and show you a new material application practice – the application design of RFID chip. The reusable ticket using RFID technology will replace our traditional paper ticket. From the perspective of environmental protection, it is a very effective improvement and will receive extensive attention. On this basis, we focus on the development of RFID application layer to make the technology better serve our consumers: Using GPS positioning and electronic map technology, Chinese or foreign friends can find airport exits and boarding gates by themselves in the unfamiliar environment of the airport, so as to solve their worries. Moreover, the system has good expansibility, and other functional modules will be introduced, such as automatic ticket checking subsystem, automatic seat finding, and even automatic ticket refund subsystem; This can greatly improve the efficiency of airport operation, reduce costs, increase passenger satisfaction, expand aviation business, and make due contributions to the development of national civil aviation.


Leave a Reply

Your email address will not be published. Required fields are marked *