Journal of Computer Applications ›› 2012, Vol. 32 ›› Issue (08): 2280-2282.DOI: 10.3724/SP.J.1087.2012.02280

• Information security • Previous Articles     Next Articles

Security analysis of a RFID authentication protocol based on physically unclonable function

ZHANG Long-xiang   

  1. School of Information, Linyi University, Linyi Shandong, 276001, China
  • Received:2012-02-07 Revised:2012-03-12 Online:2012-08-28 Published:2012-08-01
  • Contact: ZHANG Long-xiang

一种基于不可复制功能的RFID认证协议的安全性分析

张龙翔   

  1. 临沂大学 信息学院,山东 临沂 276001
  • 通讯作者: 张龙翔
  • 作者简介:张龙翔(1976-),男,山东临沂人,讲师,硕士,主要研究方向:模式识别、数据库。

Abstract: The Radio Frequency IDentification (RFID) authentication protocols based on Physically Unclonale Function (PUF) is a hot research field recent years. In 2011, Bassil et al. proposed a new RFID authentication protocol based on PUF in international conference on Internet technology and secured transactions (BASSIL R, EL-BEAINO W, KAYSSI A, et al. A PUF-based ultra-lightweight mutual-authentication RFID protocol [C]// 2011 International Conference on Internet Technology and Secured Transactions. Piscataway: IEEE, 2011: 495-499). The paper analyzed the security of this protocol by an imaginative adversary and found that it cannot resist secret disclosure attack, traceability attack, reader impersonation attack and desynchronization attack. The paper described the details of these attacks and computed their success probabilities and computation complexities.

Key words: Physically Unclonable Function (PUF), Radio Frequency IDentification (RFID) system, authentication protocol, security analysis, secret disclosure attack

摘要: 基于不可复制功能(PUF)的射频识别(RFID)认证协议是近年来的研究热点。2011年,Bassil等在ITST国际会议上提出了一种新的基于PUF的RFID认证协议(BASSIL R, EL-BEAINO W, KAYSSI A, et al. A PUF-based ultra-lightweight mutual-authentication RFID protocol [C]// 2011 International Conference on Internet Technology and Secured Transactions. Piscataway: IEEE, 2011: 495-499)。分析了该认证协议的安全性,通过假设敌手参与协议,指出其不能抵抗密钥泄露攻击、跟踪攻击,也不能抵抗阅读器冒充攻击以及同步破坏攻击;同时描述了这些攻击的细节,并给出了它们的成功概率和计算复杂度。

关键词: 不可复制功能, 射频识别系统, 认证协议, 安全性分析, 密钥泄露攻击

CLC Number: