To solve the security problems between the reader and the server of mobile Radio Frequency IDentification (RFID) caused by wireless transmission, a two-way authentication protocol based on pseudo-random function was provided. It satisfied the EPC Class-1 Generation-2 industry standards, and mutual certifications between tags, readers and servers were achieved. The security of this protocol was also proved by using GNY logic. It can effectively resist track, replay and synchronization attack etc.; simultaneously, its main calculations are transferred to the server, thereby reducing the calculations and cost of the tag.
张琪, 梁向前, 位书敏. 基于伪随机函数的移动射频识别认证协议[J]. 计算机应用, 2015, 35(4): 977-980.
ZHANG Qi, LIANG Xiangqian, WEI Shumin. Authentication protocol based on pseudo-random function for mobile radio frequency identification. Journal of Computer Applications, 2015, 35(4): 977-980.
[1] HOPPER N J, BLUM M. Secure human identification protocols[C]// Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security Gold Coast, LNCS 2248. Berlin: Springer-Verlag, 2001: 52-66. [2] JUELS A, WEIS S A. Authenticating pervasive devices with human protocols[C]// Proceedings of the 25th Annual International Cryptology Conference on Advances in Cryptology, LNCS 3621. Berlin: Springer-Verlag, 2005: 293-308. [3] BRINGER J, CHABANNE H, DOTTAX E. HB++: a lightweight authentication protocol secure against some attacks[C]// Proceedings of the Second International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing. Piscataway: IEEE Press, 2006: 28-33. [4] WEIS S A. Security and privacy in radio-frequency identification devices[D]. Boston: Massachusetts Institute of Technology, 2003. [5] WEIS S A, SARMA S E, RIVEST R L, et al. Security and privacy aspects of low-cost radio frequency identification systems[C]// Proceedings of the First International Conference on Security in Pervasive Computing. Berlin: Springer-Verlag, 2004: 201-212. [6] WANG X, LIU J, JIANG X. Mobile RFID security protocol and its GNY logic analysis [J]. Journal of Computer Applications, 2008, 28(9): 2239-2241.(王新锋,刘建国,蒋旭.移动型RFID安全协议及其GNY逻辑分析[J].计算机应用,2008,28(9):2239-2241.) [7] LIU P, ZHANG C, OU Q. Authentication protocol of mobile RFID based on Hash function [J]. Journal of Computer Applications, 2013, 33(5): 1350-1352.(刘鹏,张昌宏,欧庆于.基于Hash函数的移动射频识别互认证安全协议设计[J].计算机应用,2013,33(5):1350-1352.) [8] EPCglobal. EPCTM radio-frequency identity protocols class-1 generation-2 UHF RFID Protocol for Communications at 860 MHz-960 MHz Version 1.2. 0[EB/OL]. [2013-03-10]. http://www.gs1.org/gsmp/kc/epcglobal/uhfc1g2/uhfc1g2_1_2_0-standard-20080511.pdf. [9] YEH T C, WU C H, TSENG Y M. Improvement of the RFID authentication scheme based on quadratic residues[J]. Computer Communications, 2011, 34(3): 337-341. [10] CHANG Y, LIN S, CHANG P. A location-privacy-protected RFID authentication scheme[C]// Proceedings of the 2011 IEEE International Conference on Communications. Piscataway: IEEE Press, 2011: 1-4. [11] DOSS R, SUNDARESAN S, ZHOU W. A practical quadratic residues based scheme for authentication and privacy in mobile RFID systems[J]. Ad Hoc Networks, 2013, 11(1): 383-396. [12] LO Y-S, CHANG H K-C, WANG S-Y. The increase of RFID privacy and security with mutual authentication mechanism in supply chain management[J]. International Journal of Electronic Business Management, 2012, 10(1): 1-4. [13] NIU B, ZHU X, CHI H, et al. Privacy and authentication protocol for mobile RFID systems[J]. Wireless Personal Communications, 2014,77(3): 1-19.
2015, Vol. 35 
