基于共享秘密的伪随机散列函数RFID双向认证协议

doi:10.11999/JEIT150653

摘要
图/表
参考文献(19)
相关文章 (15)

全文: PDF (241 KB)
输出: BibTeX | EndNote (RIS)

摘要

针对资源受限的RFID标签，结合伪随机数和共享秘密机制，该文提出一种基于散列函数的轻量级双向认证协议，实现了后端数据库、阅读器和标签之间的双向认证。详细分析了双向认证协议的抗攻击性能和效率性能，并基于BAN逻辑分析方法对协议模型进行了形式化证明。理论分析表明，该文提出的认证协议能够实现预期安全目标，抗攻击性能好，认证执行效率高且标签开销小，适用于大数量的RFID应用。

	服务

	把本文推荐给朋友
	加入我的书架
	加入引用管理器
	E-mail Alert
	RSS
	作者相关文章
	石乐义
	贾聪
	宫剑
	刘昕
	陈鸿龙

关键词 ：射频识别, 双向认证协议, 隐私保护, BAN逻辑, 散列函数

Abstract：

Concerning the resource-limited RFID tags, this paper presents a lightweight mutual authentication scheme based on Hash function, combining with the pseudo-random number and shared secret mechanisms, and implements the mutual authentication among the end database, reader and the tags. The anti-attack performance and the overhead of the scheme are analyzed in detail. Afterwards, the protocol security model is formalized using BAN logical analysis method. Theoretical analysis shows that the proposed authentication scheme could achieve the desired security goals, has good anti-attack performance and high efficiency. It can be applied to big population RFID since its low overhead for RFID tags.

Key words： Radio Frequency IDentification (RFID) Mutual authentication protocol Privacy protection BAN logic Hash function

收稿日期: 2015-06-01 出版日期: 2015-12-18

PACS:

TP391.45

基金资助:

国家自然科学基金(61309024)，上海市金融信息技术研究重点实验室开放课题(2015)，山东省重点研发计划项目(2015GGX101045)

通讯作者: 石乐义：男，1975年生，博士，教授，硕士生导师，研究方向为网络与信息安全、博弈理论、移动计算. E-mail: shileyi@upc.edu.cn

作者简介: 石乐义：男，1975年生，博士，教授，硕士生导师，研究方向为网络与信息安全、博弈理论、移动计算. 贾　聪：男，1989年生，硕士生，研究方向为网络与信息安全、移动支付安全. 宫　剑：男，1975年生，硕士，高级工程师，研究方向为金融信息管理. 刘　昕：女，1974年生，博士，讲师，研究方向为网络与信息安全、社会计算. 陈鸿龙：男，1982年生，博士，副教授，研究方向为无线传感器网络、网络安全、物联网.

引用本文:

石乐义,贾聪,宫剑,刘昕, 陈鸿龙. 基于共享秘密的伪随机散列函数RFID双向认证协议[J]. 电子与信息学报, 2016, 38(2): 361-366. SHI Leyi, JIA Cong, GONG Jian, LIU Xin, CHEN Honglong. RFID Mutual Authentication Protocol on Pseudo-random Hash Function with Shared Secrets. JEIT, 2016, 38(2): 361-366.

链接本文:

http://jeit.ie.ac.cn/CN/10.11999/JEIT150653 或 http://jeit.ie.ac.cn/CN/Y2016/V38/I2/361

[1]	HUANG H F, YU P K, and LIU K C. A privacy and authentication protocol for mobile RFID system[C]. 2014 IEEE International Symposium on Independent Computing, IEEE, Orlando, USA, 2014: 1-6.
[2]	NYALAMADUGU S, LIU J, and DE VELASCO CORTINA F M. Methods and apparatus for preserving privacy in an RFID system[P]. U.S. Patent 8710960. 2014.
[3]	LI N, MU Y, SUSILO W, et al. Privacy-preserving Authorized RFID Authentication Protocols[M]. Radio Frequency Identification: Security and Privacy Issues. Springer International Publishing, Berlin, Germany, 2014: 108-122.
[4]	PERIS-LOPEZ P, ORFILA A, PALOMAR E, et al. A secure distance-based RFID identification protocol with an off-line back-end database[J]. Personal and Ubiquitous Computing, 2012, 16(3): 351-365.
[5]	HAN S, DILLON T, POTDAR V, et al. RFID mutual authentication protocols for tags and readers with and without a server[J]. Computer Systems Science and Engineering, 2013, 28(2): 91-99.
[6]	CHO J S, YEO S S, and KIM S K. Securing against brute- force attack: A hash-based RFID mutual authentication protocol using a secret value[J]. Computer Communications, 2011, 34(3): 391-397.
[7]	CHO J S, JEONG Y S, and PARK S O. Consideration on the brute-force attack cost and retrieval cost: A hash-based radio- frequency identification (RFID) tag mutual authentication protocol[J]. Computers & Mathematics with Applications, 2012: 1-8.
[8]	Kim H. RFID mutual authentication protocol based on synchronized secret[J]. International Journal of Security & Its Applications, 2013, 7(4): 37-49.
[9]	SAFKHANI M, PERIS-LOPEZ P, HERNANDEZ-CASTRO J C, et al. Cryptanalysis of the Cho et al. protocol: a hash-based RFID tag mutual authentication protocol[J]. Journal of Computational and Applied Mathematics, 2014, 259: 571-577.
[10]	周晔. 基于Hash链的RFID双向认证协议研究[D]. [硕士论文], 西南交通大学, 2012.
	ZHOU Y. Research on RFID mutual authentication protocol based on Hash chain[D]. [Master dissertation], South West Jiaotong University, 2012.
[11]	丁振华, 李锦涛, 冯波. 基于 Hash 函数的 RFID 安全认证协议研究[J]. 计算机研究与发展, 2009, 46(4): 583-592.
	DING Z, LI J, and FENG B. Research on Hash-based RFID security authentication protocol[J]. Journal of Computer Research and Development, 2009, 46(4): 583-592.
[12]	孙肖, 赵泽茂. 一种基于哈希函数的RFID双向认证协议[J]. 杭州电子科技大学学报, 2012, 32(6): 29-32.
	SUN X and ZHAO Z. A Hash-based mutual authentication protocol for the RFID system[J]. Journal of Hangzhou Dianzi University, 2012, 32(6): 29-32.
[13]	蔡豪. RFID安全认证协议的研究与设计[D]. [硕士论文], 华中科技大学, 2010.
	CAI H. Studies on RFID security authentication protocol[D]. [Master dissertation], Huazhong University of Science & Technology, 2010.
[14]	李斌. RFID安全协议的研究[D]. [硕士论文], 复旦大学, 2012.
	LI B. Research on RFID security protocol[D]. [Master dissertation], Fudan University, 2012.
[15]	信息技术射频识别800/900 MHz空中接口协议[S]. 北京: 中国标准出版社, 2013, GB/T29768-2013.
	Information technology-radio frequency identification air interface protocol at 800/900 MHz[S]. Beijing: Standards Press of China, 2013, GB/T 29768-2013.
[16]	WANG J, FLOERKEMEIER C, and SARMA S E. Session-based security enhancement of RFID systems for emerging open-loop applications[J]. Personal and Ubiquitous Computing, 2014, 18(8): 1881-1891.
[17]	MAMUN M S I and MIYAJI A. A privacy-preserving efficient RFID authentication protocol from SLPN assumption[J]. International Journal of Computational Science and Engineering, 2015, 10(3): 234-243.
[18]	SHOARINEJAD K and SOLTAN M. Systems and methods for RFID security[P]. U.S. Patent Application 14/592,455. 2015-1-8.
[19]	BURROWS M, ABADI M, and NEEDHAM R M. A logic of authentication[C]. Proceedings of the Royal Society of London. A: Mathematical and Physical Sciences. The Royal Society, London, 1989, 426(1871): 233-271.