计算机工程与应用 ›› 2018, Vol. 54 ›› Issue (16): 68-75.DOI: 10.3778/j.issn.1002-8331.1704-0165

• 网络、通信与安全 • 上一篇    下一篇

适用于低成本标签的移动RFID认证协议

苏  彬1,3,程  玲2,崔宝江1   

  1. 1.北京邮电大学 网络空间安全学院,北京 100876
    2.新疆工程学院 计算机工程系,乌鲁木齐 830091
    3.山西职业技术学院 计算机工程系,太原 030006
  • 出版日期:2018-08-15 发布日期:2018-08-09

Mobile RFID authentication protocol for low-cost tags

SU Bin1,3, CHENG Ling2, CUI Baojiang1   

  1. 1.School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China
    2.Department of Computer Engineering, Xinjiang Institute of Engineering, Urumuqi 830091, China
    3.Department of Computer Engineering, Shanxi Polytechnic College, Taiyuan 030006, China
  • Online:2018-08-15 Published:2018-08-09

摘要: 移动RFID系统中,阅读器与服务器之间的通道安全假设不再成立,针对这种情况,分析了当前移动RFID认证协议的安全及性能问题,建立了移动RFID安全隐私模型;基于该模型,在兼容EPC Class-1 Generation-2低成本标签系统的基础上,提出了一种能够抵抗假冒攻击、去同步化攻击,且提供前向安全隐私保护的双向认证协议;通过安全性证明与性能比较分析,表明该协议达到了设计目的,可适用于较大规模的低成本标签移动RFID系统。

关键词: 移动RFID, 安全模型, 认证协议, 低成本标签, 双向认证

Abstract: In the mobile RFID system, the channel between reader and server is usually insecure, therefore the security and performance of current mobile RFID authentication protocol is analyzed. The mobile RFID security privacy model is established. Based on the model, a mutual authentication protocol, which can resist impersonation attack and desynchronization attack, as well as provide the forward secrecy protection, is proposed. It is compatible with EPC Class-1 Generation-2 low-cost tag system. Security proof and performance analysis show that the protocol not only achieves the designing purpose, but also can be applied to the large scale mobile RFID system with low-cost tag.

Key words: mobile RFID, security model, authentication protocol, low-cost tag, mutual authentication