無線射頻辨識(RFID)技術結合無線射頻(RF)和IC晶片技術。無線射頻辨識將會在幾年之後逐漸取代條碼功能，給零售、物流業乃至全球供應鏈帶來革命性改變。無線射頻辨識有極大的應用空間以及運作彈性，但是在防偽領域的應用上才剛起步。本論文對無線射頻辨識的防偽機制做了一個全面而深入的考察與研究，以加強無線射頻辨識防偽安全服務為目的，從全面的防偽架構觀點切入，提出點（電子標籤或讀取器本身）、線（電子標籤和讀取器之間）及面（全面網路系統架構）的整體防偽機制，研究如何利用無線射頻辨識解決生活周遭的偽造及仿冒問題。首先，就「點」而論：就是強化每個RFID物件（無線射頻標籤或讀取器）本身的防偽能力，使仿冒者必需花很高的代價才能進行偽造，以致知難而退，達到防偽目的。其次，就「線」而論：就是加強兩個RFID物件之間的防偽傳輸機制，也就是加強無線射頻標籤與讀取器之間的安全傳輸機制，並做好彼此身分認證，使得偽造的標籤或讀取器難以冒充合法的RFID物件來介入正常的資料傳輸過程，而達到防偽的目的。再根據面的防偽需求，提出四個防偽架構，並分析其應用範疇、配套措施、系統架構及優缺點等課題。接著，應用前述這四個架構於有價證券的防偽機制上。然後，再應用這四個架構解決生活中所面臨的諸多偽造問題，藉此幫助企業思考如何利用無線射頻辨識解決週遭所面臨的問題，更幫助企業在導入相關應用時做最佳選擇。

Radio frequency identification (RFID) technology is a combination of RF and IC chip technology. RFID technology is expected to replace the “bar code” functions and will bring revolutionary changes to the retailers, the logistics and the global supply chains. Currently, RFID has a lot of applications potential and operational flexibility. However, its application in the field of anti-counterfeiting is just beginning. This paper has made a comprehensive survey and research in the anti-counterfeiting mechanism using RFID. The goal of this paper is to enhance the anti-counterfeiting capability of the RFID technology. It takes three perspective approaches to address this problem. At the “isolated component” level, we try to enhance the anti-counterfeiting capability of each major RFID component (e.g., RFID tag and RFID reader), such that the counterfeiter has to pay a high premium to counterfeit the authentic target object. At the “component interaction” level, we introduce the authentication mechanism between the data transmission of two RFID objects, such that there is no way for any fake object to participate in the transmission process. At the “overall system” level, we propose four anti-counterfeit architecture models to enhance the overall RFID system anti-counterfeiting mechanism, and apply these four models to the banking and financial anti-counterfeiting applications. Finally, we apply these four architecture models to solve many counterfeit problems surrounding us. We hope that our research will help the enterprise to solve many of their counterfeiting problems using RFID technology, and at the same time assist them to make wise and proper decisions when they need to deploy RFID technology in their companies.

[[1]FDA's counterfeit drug task force interim report, U.S. Department of Health and Human Services, Food and Drug Administration, Rockville, MD, 2003.
[2]A.P., RFID to fight counterfeiting of Viagra, painkilling drugs, Information Week, Nov. 15, 2004.
[3]EPCglobal specifications & ratified standards, EPCglobal, 2003,
http://www.epcglobalinc.org/standards_technology/specifications.html.
[4]R. Anderson and M. Kuhn., Low cost attacks on tamper resistant devices, 5th International Workshop on Security Protocols, LNCS, vol. 1361, pp. 125-136, Apr. 1997.
[5]RFID security issues, AIM Global Network, June 30, 2005,
http://www.aimglobal.org/members/news/templates/rfidinsights.asp?articleid= 392&zoneid=24.
[6]D. L. Evans, Security requirements for cryptographic modules, FIPS PUB 140-2, National Institute of Standards and Technology, May 2001.
[7]M. Feldhofer, S. Dominikus, and J. Wolkerstorfer, Strong authentication for RFID systems using the AES algorithm, Cryptographic Hardware and Embedded Systems, Boston, MA, pp. 357-370, 2004.
[8]A. D. Fernandes, Elliptic-curve cryptography, Dr. Dobb's Journal, vol. 24, no. 12, pp. 56-62, 1999.
[9]K. Finkenzeller, RFID Handbook: Fundamentals and Applications in Ccontactless Smart Cards and Identification, New York, NY, Wiley, 2003.
[10]D. Henrici and P. Muller, Hash-based enhancement of location privacy for radio-frequency identification devices using varying identifiers, Workshop on Pervasive Computing and Communications Security, Orlando, FL, pp. 149-153, 2004.
[11]J. Hoffstein, J. Pipher, and J. H. Silverman, NTRU: A ring-based public key cryptosystem, LNCS, vol. 1423, pp. 267-288, 1998.
[12]J. Hong, J. Han, D. Kwon, and D. Han, Chosen-ciphertext attacks on optimized NTRU, 2002, http://eprint.iacr.org/2002/188.
[13]A. Juels, D. Molnar, and D. Wagner, Security and privacy issues in E-passports, Cryptology ePrint Archive: Report 2005/095, Sep. 2005,
http://eprint.iacr.org/2005/095.
[14]A. Juels and R. Pappu, Squealing Euros: privacy protection in RFID-enabled banknotes, LNCS, no. 2742, pp. 103-121, 2003.
[15]P. Karu and J. Loikkanen, Practical comparison of fast public-key cryptosystems, Telecommunications Software and Multimedia Labratory, Helsinki University of Technology, Finland, 2001.
[16]N. Koblitz, Elliptic curve cryptosystems, Mathematics of Computation, vol. 48, no. 177, pp. 203-209, 1987.
[17]V. Miller, Use of elliptic curves in cryptography, LNCS, vol. 218, pp. 417-426, 1985.
[18]G. E. Moore, Cramming more components onto integrated circuits, Electronics, vol. 38, no. 8, Apr. 1965.
[19]P. Nguyen and D. Pointcheval, Analysis and improvements of NTRU encryption paddings, LNCS, vol. 2442, pp. 210-225, 2002.
[20] M. Ohkubo, K. Suzuki, and S. Kinoshita, Cryptographic approach to "privacy-friendly" tags, RFID Privacy Workshop, Cambridge, MA, 2003,
http://www.rfidprivacy.org/papers/sozo_inoue.pdf.
[21]Sun Microsystems, Software solutions - EPC and RFID, Sun Microsystems,
http://www.sun.com/software/solutions/rfid/.
[22]Commission on Intellectual Property, The fight against piracy and counterfeiting of intellectual property, International Chamber of Commerce, Paris, France, June 2004.
[23]Combating Counterfeit Drugs: A Report of the Food and Drug Administration, U.S. Department of Health and Human Services, Food and Drug Administration, Rockville, MD, Feb. 2004,
http://www.fda.gov/oc/initiatives/counterfeit/report02_04.html.
[24]J. Saito, J.-C. Ryou, and K. Sakurai, Enhancing privacy of universal re-encryption scheme for RFID tags, LNCS, vol. 3207, pp. 879-890, 2004.
[25]T. Staake, F. Thiesse, and E. Fleisch, Extending the EPC network: The potential of RFID in anti-counterfeiting, 20th ACM Symp. on Applied Computing, Santa Fe, NM, pp. 1607-1612, Mar. 2005.
[26]D. Sun, RFID and pharmaceutical anti-co----unterfeit, 2005,
http://www.scholarlyexchange.org/journals/journalindex.php?journal_id= 18&PHPSESSID=e65a768d70df50da9434448b1dc114ef.
[27]C. G. a. M. Szydlo, "Cryptanalysis of the revised NTRU signature scheme," Proc. Proc. of the Int. Conf. on the Theory and Applications of Cryptographic Techniques, London, UK, pp. 299-320, 2002.
[28]K. Traub, et al., EPCglobal Architecture Framework version 1.0, EPCglobal, 2005, http://www.epcglobalinc.org/standards_technology/Final-epcglobal-arch- 20050701.pdf.
[29]R. Want, The magic of RFID, ACM Queue, vol. 2, no. 7, pp. 41-48, Oct. 2004.
[30]S. H. Weingart, Physical security devices for computer subsystems: A survey of attacks and defenses, LNCS, vol. 1965, pp. 302-317, 2000.
[31]S. A. Weis, S. E. Sarma, R. L. Rivest, and D. W. Engels, Security and privacy aspects of low-cost radio frequency identification systems, LNCS, vol. 2802, pp. 201-212, 2004.
[32]D. J. Wheeler and R. M. Needham, TEA, a tiny encryption algorithm, LNCS, vol. 1008, pp. 363-366, 1994.
[33]J. Wolkerstorfer, Is elliptic-curve cryptography suitable to secure RFID tags? Workshop on RFID and Light-Weight Crypto, Graz, Austria, July 2005.
[34]J. Yoshida, Euro bank notes to embed RFID chips by 2005, EE Times, Dec. 19, 2001, http://www.eetimes.com/printableArticle?doc_id=OEG20011219S0016.
[35]王連興, RFID無線身份識別系統及讀卡機架構說明, 台北,電子技術雜誌, vol. 208, 2004,
http://epaper.eedesign.com.tw/epaper/epaperpreview.asp?id=185.
[36]胡宏亮, 票券印刷芻論, 台中, 印刷出版社, 1992,
http://www.cgan.com/book/books/print/stock/index.htm.
[37]曾建榮, 張善政, 打造幕後資訊流動管道RFID貨暢其流－宏碁, 技術尖兵, vol. 117, 台北, Sep. 2004, http://www.st-pioneer.org.tw/modules.php?name= magazine&pa=showpage&tid=2174.
[38]鄭博仁, 陳林福, 陳品儀, 謝德鑫, 無線射頻辨識技術與資訊安全應用, 資訊安全技術通訊, vol. 10, no. 2, pp. 78-86, 台北, 2004.