RFID Mutual Authentication Protocol on Pseudo-random Hash Function with Shared Secrets
SHI Leyi①② JIA Cong① GONG Jian② LIU Xin① CHEN Honglong①
①(College of Computer and Communication Engineering, China University of Petroleum, Qingdao 266555, China) ②(Shanghai Key Laboratory of Financial Information Technology, Shanghai 200433, China)
Concerning the resource-limited RFID tags, this paper presents a lightweight mutual authentication scheme based on Hash function, combining with the pseudo-random number and shared secret mechanisms, and implements the mutual authentication among the end database, reader and the tags. The anti-attack performance and the overhead of the scheme are analyzed in detail. Afterwards, the protocol security model is formalized using BAN logical analysis method. Theoretical analysis shows that the proposed authentication scheme could achieve the desired security goals, has good anti-attack performance and high efficiency. It can be applied to big population RFID since its low overhead for RFID tags.
石乐义,贾聪,宫剑,刘昕, 陈鸿龙. 基于共享秘密的伪随机散列函数RFID双向认证协议[J]. 电子与信息学报, 2016, 38(2): 361-366.
SHI Leyi, JIA Cong, GONG Jian, LIU Xin, CHEN Honglong. RFID Mutual Authentication Protocol on Pseudo-random Hash Function with Shared Secrets. JEIT, 2016, 38(2): 361-366.
HUANG H F, YU P K, and LIU K C. A privacy and authentication protocol for mobile RFID system[C]. 2014 IEEE International Symposium on Independent Computing, IEEE, Orlando, USA, 2014: 1-6.
[2]
NYALAMADUGU S, LIU J, and DE VELASCO CORTINA F M. Methods and apparatus for preserving privacy in an RFID system[P]. U.S. Patent 8710960. 2014.
[3]
LI N, MU Y, SUSILO W, et al. Privacy-preserving Authorized RFID Authentication Protocols[M]. Radio Frequency Identification: Security and Privacy Issues. Springer International Publishing, Berlin, Germany, 2014: 108-122.
[4]
PERIS-LOPEZ P, ORFILA A, PALOMAR E, et al. A secure distance-based RFID identification protocol with an off-line back-end database[J]. Personal and Ubiquitous Computing, 2012, 16(3): 351-365.
[5]
HAN S, DILLON T, POTDAR V, et al. RFID mutual authentication protocols for tags and readers with and without a server[J]. Computer Systems Science and Engineering, 2013, 28(2): 91-99.
[6]
CHO J S, YEO S S, and KIM S K. Securing against brute- force attack: A hash-based RFID mutual authentication protocol using a secret value[J]. Computer Communications, 2011, 34(3): 391-397.
[7]
CHO J S, JEONG Y S, and PARK S O. Consideration on the brute-force attack cost and retrieval cost: A hash-based radio- frequency identification (RFID) tag mutual authentication protocol[J]. Computers & Mathematics with Applications, 2012: 1-8.
[8]
Kim H. RFID mutual authentication protocol based on synchronized secret[J]. International Journal of Security & Its Applications, 2013, 7(4): 37-49.
[9]
SAFKHANI M, PERIS-LOPEZ P, HERNANDEZ-CASTRO J C, et al. Cryptanalysis of the Cho et al. protocol: a hash-based RFID tag mutual authentication protocol[J]. Journal of Computational and Applied Mathematics, 2014, 259: 571-577.
DING Z, LI J, and FENG B. Research on Hash-based RFID security authentication protocol[J]. Journal of Computer Research and Development, 2009, 46(4): 583-592.
Information technology-radio frequency identification air interface protocol at 800/900 MHz[S]. Beijing: Standards Press of China, 2013, GB/T 29768-2013.
[16]
WANG J, FLOERKEMEIER C, and SARMA S E. Session-based security enhancement of RFID systems for emerging open-loop applications[J]. Personal and Ubiquitous Computing, 2014, 18(8): 1881-1891.
[17]
MAMUN M S I and MIYAJI A. A privacy-preserving efficient RFID authentication protocol from SLPN assumption[J]. International Journal of Computational Science and Engineering, 2015, 10(3): 234-243.
[18]
SHOARINEJAD K and SOLTAN M. Systems and methods for RFID security[P]. U.S. Patent Application 14/592,455. 2015-1-8.
[19]
BURROWS M, ABADI M, and NEEDHAM R M. A logic of authentication[C]. Proceedings of the Royal Society of London. A: Mathematical and Physical Sciences. The Royal Society, London, 1989, 426(1871): 233-271.