计算机应用 ›› 2019, Vol. 39 ›› Issue (3): 774-778.DOI: 10.11772/j.issn.1001-9081.2018081648

• 网络空间安全 • 上一篇    下一篇

可扩展及可证安全的射频识别认证协议

史志才, 王益涵, 张晓梅, 陈珊珊, 陈计伟   

  1. 上海工程技术大学 电子电气工程学院, 上海 201620
  • 收稿日期:2018-08-09 修回日期:2018-10-03 出版日期:2019-03-10 发布日期:2019-03-11
  • 作者简介:史志才(1964-),男,吉林磐石人,教授,博士,CCF高级会员,主要研究方向:信息安全、隐私保护;王益涵(1981-),男,上海人,讲师,硕士,主要研究方向:信息安全;张晓梅(1981-),女,湖北荆门人,讲师,博士,主要研究方向:传感器网络安全;陈珊珊(1995-),女,安徽六安人,硕士研究生,主要研究方向:室内定位;陈计伟(1992-),男,江苏徐州人,硕士研究生,主要研究方向:网络安全。

Provable radio frequency identification authentication protocol with scalability

SHI Zhicai, WANG Yihan, ZHANG Xiaomei, CHEN Shanshan, CHEN Jiwei   

  1. School of Electronic and Electrical Engineering, Shanghai University of Engineering Science, Shanghai 201620, China
  • Received:2018-08-09 Revised:2018-10-03 Online:2019-03-10 Published:2019-03-11
  • Contact: 史志才

摘要: 针对目前广泛应用的被动式射频识别(RFID)标签中的计算、存储资源有限,导致RFID认证协议的安全和隐私保护,特别是可扩展性一直没有得到很好解决的问题,提出一种基于哈希函数、可证安全的轻权认证协议。该协议通过哈希运算和随机化等操作确保认证过程中会话信息的保密传输和隐私性;在认证过程中,标签的身份信息通过伪名进行确认,其真实身份没有透漏给阅读器等不信任实体;后端服务器进行身份确认仅需进行一次哈希运算,通过标识符构造哈希表可使身份信息查找时间为常数;每次认证后,标签的秘密信息和伪名等均进行更新,从而确保协议的前向安全性。分析证实,该RFID轻权认证协议具有很好的可扩展性、匿名性和前向安全性,能够抵抗窃听、追踪、重放、去同步化等攻击,而且标签仅需提供哈希运算和伪随机数生成操作,非常适合应用于低成本的RFID系统。

关键词: 认证协议, 可扩展性, 安全性, 隐私保护, 哈希函数

Abstract: The popular Radio Frequency IDentification (RFID) tags are some passive ones and they only have very limited computing and memory resources, which makes it difficult to solve the security, privacy and scalability problems of RFID authentication protocols. Based on Hash function, a security-provable lightweight authentication protocol was proposed. The protocol ensures the confidentiality and privacy of the sessions during the authentication process by Hashing and randomizing. Firstly, the identity of a tag was confirmed by its pseudonym and was preserved from leaking to any untrusted entity such as a reader. Secondly, only one Hashing computation was needed to confirm a tag's identity in the backend server, and the searching time to the tag's identity was limited to a constant by using the identifier to construct a Hash table. Finally, after each authentication, the secrecy and pseudonym of the tag were updated to ensure forward security of the protocol. It is proved that the proposed protocol satisfies scalability, forward security and anonymity demands and can prevent eavesdropping, tracing attack, replay attack and de-synchronization attack. The protocol only needs Hash function and pseudorandom generating operation for the tag, therefore it is very suitable to low-cost RFID systems.

Key words: authentication protocol, scalability, security, privacy preserving, Hash function

中图分类号: