| Radio Frequency Identification (RFID) is an important technology of the Internet of Things (IoT). The biggest advantage of RFID technology over other identification technologies is that tags can be identified by readers without any physical contact; in addition, RFID tags are wear-resistant and work well in a variety of harsh environments. RFID technology has therefore attracted great attention in recent years, with applications in manufacturing, logistics, medicine, national defense and other fields. The ISO/IEC 15693 protocol is widely used in high-frequency RFID technology, but its access and control protocol is too simple and, once exploited by attackers, increases the system’s security risk. In this paper, we first summarize recent research on RFID technology, including its emergence and development, system components, the function of each part, the system's working principle, communication protocols, anti-collision protocols and so on. We then briefly introduce the communication and transmission rules that the ISO/IEC 15693 protocol provides, which lays a theoretical foundation for the further research. Second, we analyze the access and control protocol in detail and find that the ISO 15693 protocol uses an anti-collision algorithm based on 16 slots to avoid timing and synchronization requirements. Although it can identify the tags completely, the idea behind this algorithm is polling, which reveals a vulnerability in the RFID system that attackers may easily use. Third, we use the MATLAB platform to simulate the access and control process specified in ISO 15693, and then purposefully select tags in different situations to carry out vulnerability testing based on the previous findings, ultimately determining whether the above speculation holds. Afterwards, in response to these shortcomings, we propose two attack modes against the 15693 protocol, named the delay attack and the DoS attack. 
Finally, this paper describes the root causes of the vulnerabilities and then proposes an improved anti-collision paradigm based on the equipment characteristics of RFID systems that adopt the ISO/IEC 15693 protocol, combined with the idea of random access. After analyzing the basic principles and feasibility of the improved algorithm, we find that the new algorithm can effectively prevent the delay attack and the DoS attack that the original algorithm would encounter during the anti-collision process. Lastly, we conduct a performance analysis of the identification efficiency, channel utilization and communication complexity of the new method, and find that this algorithm performs better than the original one. |