面向RFID的轻量级双向认证协议

doi:10.3778/j.issn.1002-8331.2205-0362

摘要/Abstract

摘要： 为了提高无线射频识别（RFID）系统执行身份认证的效率和解决通信双方身份隐私保护问题，提出一种新的轻量级RFID双向认证协议，该协议主要采用ECC密码算法和Hash函数。基于Hash函数、ECC密码算法与或运算，使用随机数生成器生成不可预测的消息认证码以保障双向认证时传输消息的新鲜性；通过椭圆曲线加密算法隐藏通信双方的真实身份，基于ECDLP（椭圆曲线离散对数问题）困难问题，在保证身份隐私的前提下，采用两轮消息交互的模式让通信双方相互验证新鲜的消息认证码来实现协议的双向认证；通过指定密钥种子协商出标签和服务器的共享会话密钥，并设计密钥自动更新机制以实现双方的密钥同步。与部分典型的双向认证协议进行分析对比，所提出的双向认证协议相较同类的双向认证协议最多节省近40%的计算时间和25%的存储空间，并且能够支持多种安全需求和抵抗不同的恶意攻击。

关键词: Hash函数, 椭圆曲线加密算法（ECC）, 无线射频识别（RFID）, 双向认证协议, 安全性分析

Abstract: In order to improve the efficiency of identifying authentication in radio frequency identification（RFID） system and solve the problem of protecting privacy of communication participants, a novel lightweight RFID bidirectional authentication protocol is proposed. The protocol adopts ECC cryptographic algorithm and Hash function. Firstly, based on Hash function, ECC cryptographic algorithm and or operation, the random number generator is used to generate the unpredictable message authentication code to ensure the freshness of transmitted information during bidirectional authentication. Then, the real identity of the communication participants is hidden via using elliptic curve encryption algorithm. Based on ECDLP difficult problem and ensuring the identity privacy, the protocol adopted two rounds of message interaction mode for the communication participants to verify the fresh message authentication code, so as to achieve the bidirectional authentication. Finally, the shared session key of the tag and server is negotiated by specifying the key seed. The automatic rekeying mechanism is designed to realize the key synchronization between the two participants. In comparison with some typical bidirectional authentication protocols, the proposed bidirectional authentication protocol can save the computation time by up to 40% and the storage space by up to 25%. In addition, it can support the multiple security requirements and resist different malicious attacks.

Key words: Hash function, elliptic curve cryptography（ECC）, radio frequency identification（RFID）, bidirectional authentication protocol, safety analysis

贺嘉琦, 彭长根, 付章杰, 许德权, 汤寒林. 面向RFID的轻量级双向认证协议[J]. 计算机工程与应用, 2023, 59(18): 268-277.

HE Jiaqi, PENG Changgen, FU Zhangjie, XU Dequan, TANG Hanlin. Lightweight Bidirectional Authentication Protocol for RFID[J]. Computer Engineering and Applications, 2023, 59(18): 268-277.

参考文献

[1] 李涛，刘亚丽.一种基于双PUF的RFID认证协议[J].计算机研究与发展，2021，58（8）：1801-1810.
LI T，LIU Y L.A double PUF-based RFID authentication protocol[J].Journal of Computer Research and Development，2021，58（8）：1801-1810.
[2] LIU Y L，YIN X C，DONG Y Q，et al.Lightweight authentication scheme with inverse operation on passive RFID tags[J].Journal of the Chinese Institute of Engineers，2019，42（1）：74-79.
[3] 葛云峰.基于RFID的轻量级安全认证协议的文献综述[J].网络安全技术与应用，2020，23（8）：19-22.
GE Y F.Literature review on lightweight security authentication protocol based on RFID[J].Network Security Technology & Application，2020，23（8）：19-12.
[4] 甘勇，许允倩，贺蕾，等.RFID系统的安全及隐私综述[J].网络安全技术与应用，2015（12）：69-71.
GAN Y，XU Y Q，HE L，et al.A review on security and privacy of RFID system[J].Network Security Technology & Application，2015（12）：69-71.
[5] SARMA S E，WEIS S A，ENGELS D W.RFID systems and security and privacy implications[C]//Cryptographic Hardware and Embedded System.Berlin：Springer，2002：454-469.
[6] WEIS S A，SARMA S E，RIVEST R L，et al.Security and privacy aspects of low-cost radio frequency identification systems[C]//Security in Pervasive Computing.Berlin：Springer，2004：201-212.
[7] YONG K L，SAKIYAMA K，BATINA L，et al.Ellitic-curve-based security processor for RFID[J].IEEE Transactions on Computers，2008，57（11）：1514-1527.
[8] 斯廷森.密码学原理与实践[M].冯登国，译.3版.北京：电子工业出版社，2009：92-94.
STINSON D R.Cryptography theory and practice[M].FENG D G.3rd ed.Beijing：Publishing House of Electronics Industry，2009：92-94.
[9] TUYLS P，BATINA L.RFID-tags for anti-counterfeiting[C]//Topics in Cryptology-CT-RSA 2006，The Cryptographers’ Track at the RSA Conference 2006，San Jose，February 13-17，2006.Berlin，Heidelberg：Springer，2006：115-131.
[10] SCHNORR C P.Efficient signature generation by smart cards[J].Journal of Cryptography，1991，4（3）：161-174.
[11] BATINA L，GUAJARDO J，KERINS T，et al.Public-key cryptography for RFID-tags[C]//Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops（PerComW’07），New York，March 19-23，2007.Los Alamitos，CA：IEEE Computer Society，2008：217-222.
[12] OKAMOTO T.Provably secure and practical identification schemes and corresponding signature schemes[C]//Advances in Cryptology-CRYPTO’92，Santa Barbara，California，August 16-20，1992.Berlin，Heidelberg：Springer，1992：31-53.
[13] LEE Y K，BATINA L，VERBAUWHEDE I.EC-RAC（ECDLP Based Randomized Access Control）：provably secure RFID authentication protocol[C]//Proceedings of the 2008 IEEE International Conference on RFID，Las Vegas，April 16-17，2008.Piscataway，NJ：IEEE，2008：97-104.
[14] ZHANG X L，LI L S，WU Y，et al.An ECDLP-based randomized key RFID authentication protocol[C]//Proceedings of the 2011 International Conference on Network Computing and Information Security，Guilin，China，May 14-15，2011.Piscataway，NJ：IEEE，2011：146-149.
[15] LIAO Y P，HSIAO C.A secure ECC-based RFID authentication scheme using hybrid protocols[M]//Advances in intelligent systems and applications-volume 2.Berlin，Heidelberg：Springer，2013：1-13.
[16] ZHAO Z G.A secure RFID authentication protocol for healthcare environments using elliptic curve cryptosystem[J].Journal of Medical Systems，2014，38（5）：46.
[17] CHOU J S.An efficient mutual authentication RFID scheme based on elliptic curve cryptography[J].The Journal of Supercomputing，2014，70（1）：75-94.
[18] ALAMR A，KAUSAR F，KIM J S.Secure mutual authentication protocol for RFID based on elliptic curve cryptography[C]//Proceedings of the 2016 International Conference on Platform Technology and Service（PlatCon），Jeju，Korea（South），Feb 15-17，2016.Piscataway，NJ：IEEE，2016：1-7.
[19] ZHENG L，XUE Y，ZHANG L，et al.Mutual authentication protocol for RFID based on ECC[C]//Proceedings of the 2017 IEEE International Conference on Computational Science and Engineering（CSE） and IEEE International Conference on Embedded and Ubiquitous Computing（EUC），Guangzhou，China，July 21-24，2017.Piscataway，NJ：IEEE，2017：320-323.
[20] DINARVAND N，BARATI H.An efficient and secure RFID authentication protocol using elliptic curve cryptography[J].Wireless Networks，2019，25（1）：415-428.
[21] KOBLITZ N.Elliptic curve cryptosystems[J].Mathematics of Computation，1987，48（177）：203-209.
[22] JAGER T，SCHWENK J，SOMOROVSKY J.Practical invalid curve attacks on TLS-ECDH[C]//European Symposium on Research in Computer Security，Computer Security（ESORICS 2015），Vienna，Austria，September 21-25，2015.Cham，Switzerland：Springer，2015：407-425.
[23] BELLARE M，ROGAWAY P.Random oracles are practical：a para-digm for designing efficient protocols[C]//Proceedings of the First Annual Conference on Computer and Communications Security，Virginia，United States，November 03-05，1993.New York，NY：ACM，1993：62-73.