摘要 |
The present invention provides a method for authenticating an RFID service. The method includes the steps of: transmitting, by the RFID reader, a tag identifier request signal including an a random number (R_h) through a session to a tag after generating the random number (R_h); receiving, by the reader, a response signal, which includes a tag identifier encoding value (C_1) calculated by using both of a session key (SK) of the session and the tag identifier (SN) of the tag, with respect to the tag identifier request signal; obtaining, by the reader, the tag identifier (SN) of the tag from a generated session key (SK) and the encoding value (C_1) after generating the session key (SK); transmitting, by the reader, a tag-related service information request signal including a tag identifier encoding value (C_2) generated by using a shared key (K_DB-H), shared between a database server and the RFID reader, and the obtained tag identifier (SN); then obtaining the tag-related information (Info). In the step of obtaining the tag-related information (Info): an encryption (C3) of the tag-related service information (Info) is received from the database server; and the encryption (C3) is decoded by using a tag identifier hash value (DK), generated by inputting the shared key (KDB-H) and the tag identifier (SN) into to a predetermined hash function, in a symmetric-key-based decoding algorithm. |