1. Field of the Invention
The present invention relates generally to a lightweight authentication technique. More particularly, the present invention relates to an authentication method using a reduced number of resources.
2. Description of the Related Art
Authentication refers to a process of verifying whether a user or other object is real and is authorized to gain access. Authentication typically includes determining whether the object to be authenticated and the object requiring the authentication are aware of a secret key that they have previously shared. Authentication methods typically include a challenge-response scheme in which, if the object requiring an authentication sends an inquiry value to the object to be authenticated, the object to be authenticated generates a correct response value by using a secret key and returns the generated correct response value, so as to prove that the object to be authenticated is aware of the secret key.
Authentication methods using such a challenge-response scheme are classified into a method using an open key (or non-symmetric key) encryption system, a method using a secret key (or symmetric key) encryption system, a method using a Hash function, and a method using a logical operation. However, an apparatus having limited resources, and therefore typically having a very low calculation ability and storage capability, cannot use an authentication method requiring a large quantity of calculation, such as a symmetric key encryption system.
Among such apparatuses having limited resources, a Radio Frequency Identification (RFID) apparatus corresponds to a non-contact recognition medium which can provide various services, including services for circulation, distribution, inventory management, etc. In an RFID system, messages are exchanged using a non-contact RF communication between an RFID apparatus and a reader, and the reader uses an authentication method in order to identify whether the RFID apparatus is approved or not. In some cases, an inter-authentication method between a reader and an RFID apparatus is used.
However, current RFID systems suffer various security problems and user privacy violation problems. To address these problems, various lightweight authentication methods have been proposed. Since authentication methods based on a mathematically hard problem using a logical operation are mainly based on the difficulty of the problem of the Learning Parity with Noise (LPN), which is a Nondeterministic Polynomial-Hard (NP-Hard) problem, it is possible to prove the theoretical safety thereof.
However, the conventional authentication methods based on a mathematically hard problem using a logical operation are problematic in that they are vulnerable to a man-in-the-middle-attack. Accordingly, there is a need for an apparatus and method for providing an authentication that is safer against a man-in-the-middle-attack than the conventionally presented lightweight authentication techniques, that can provide a resource efficiency through minimization of storage quantity/operation quantity/transmission quantity, and that can provide safety based on a mathematically hard problem.
The above information is presented as background information only to assist with an understanding of the present disclosure. No determination has been made, and no assertion is made, as to whether any of the above might be applicable as prior art with regard to the present invention.