(a) Field of the Invention
The present invention relates to an apparatus and a method for generating a secret key.
(b) Description of the Related Art
A mobile RFID terminal reads a unique item identifier (UII) of an RFID tag by incorporating and mounting an RFID reader in a portable terminal so as to provide various mobile RFID application services to a user. The portable terminal in which the RFID reader is incorporated or mounted is referred to as a mobile RFID terminal. The most general example of the mobile RFID environment includes the mobile RFID terminal and in an environment where the RFID tag is attached to a movie poster, when a user touches the mobile RFID terminal onto the RFID tag, the user can receive information on the corresponding movie through the mobile RFID terminal.
Another example of the mobile RFID environment may include an environment in which the RFID tag is attached to medicines prescribed by a doctor. In this case, the user who has the medicine prescribed by the doctor can receive information on the medicine and a dosage method by reading the RFID tag by using the mobile RFID terminal. However, when the user purchases an RFID-attached personal article such as the medicine, not an opened public article, a malicious attacker may arbitrarily read the UII of the article through an RFID tag of the article which the user purchases. At this time, since the read UII has a unique value according to a predetermined rule, the attacker can substantially determine an article type of the article purchased by the user and determine the position of the reader reading the RFID tag, thereby causing invasion of privacy in that a movement path of the user can be tracked.
As a result, protection of the personal privacy of the user who uses the mobile RFID terminal is necessarily required. For this, identification of the RFID tag attached to a personally owned article and acquisition of information need to be protected by using a secret key which only an article owner can utilizes. However, when a process of creating the secret key is complicated and user's intervention is required, utilization of a service using the mobile RFID terminal will be deteriorated.
The above information disclosed in this Background section is only for enhancement of understanding of the background of the invention and therefore it may contain information that does not form the prior art that is already known in this country to a person of ordinary skill in the art.