Abstract: RFID system, in which we give identification number to each item and detect it with radio frequency, supports more variable service than barcode system can do. For example, a refrigerator with RFID reader and internet connection will automatically notify expiration of food validity to us. But, in spite of its convenience, RFID system has some security threats, because anybody can get ID information of item easily. One of most critical threats is privacy invasion. Existing privacy protection schemes or systems have been proposed, and these schemes or systems defend normal users from attempts that any attacker tries to get information using RFID tag value. But, these systems still have weakness that attacker can get information using analogous value instead of original tag value. In this paper, we mention this type of attack more precisely and suggest 'Tag Broker Model', which can defend it. Tag broker in this model translates original tag value to random value, and user can only get random value. Attacker can not use analogous tag value, because he/she is not able to know original one from it.
Abstract: Cell phone forensics to acquire and analyze data in the
cellular phone is nowadays being used in a national investigation
organization and a private company. In order to collect cellular phone
flash memory data, we have two methods. Firstly, it is a logical
method which acquires files and directories from the file system of the
cell phone flash memory. Secondly, we can get all data from bit-by-bit
copy of entire physical memory using a low level access method. In
this paper, we describe a forensic tool to acquire cell phone flash
memory data using a logical level approach. By our tool, we can get
EFS file system and peek memory data with an arbitrary region from
Korea CDMA cell phone.
Abstract: This paper proposes the authentication method using
ESA algorithm instead of using CAVE algorithm in the CDMA
mobile communication systems including IS-95 and CDMA2000 1x.
And, we analyze to apply ESA mechanism on behalf of CAVE
mechanism without the change of message format and air interface in
the existing CDMA systems. If ESA algorithm can be used as the
substitution of CAVE algorithm, security strength of authentication
algorithm is intensified without protocol change. An algorithm
replacement proposed in this paper is not to change an authentication
mechanism, but to configure input of ESA algorithm and to produce
output. Therefore, our proposal can be the compatible to the existing
systems.
Abstract: Electronic seal is an electronic device to check the
authenticity and integrity of freight containers at the point of arrival.
While RFID-based eSeals are gaining more acceptances and there are
also some standardization processes for these devices, a recent
research revealed that the current RFID-based eSeals are vulnerable to
various attacks. In this paper, we provide a feasible solution to
enhance the security of active RFID-based eSeals. Our approach is to
use an authentication and key agreement protocol between eSeal and
reader device, enabling data encryption and integrity check. Our
protocol is based on the use of block cipher AES, which is reasonable
since a block cipher can also be used for many other security purposes
including data encryption and pseudo-random number generation. Our
protocol is very simple, and it is applicable to low-end active RFID
eSeals.