Abstract: Aiming at the problems of security defects and low authentication efficiency in existing RFID security protocols, an improved RFID bi-directional authentication protocol based on PRF is proposed. Encrypting the random numbers generated by the reader solves the existing security risks of the protocol. Using random numbers keeps the information of the label fresh. Compared with the existing security authentication protocol, the result shows that the improved protocol not only has the characteristics of anti-tracking, anti-violent crack and anti-replay attack, but also ensures that the tag does not greatly increase the calculation.

Key words: Internet of Things（IoT）, Pseudo-Random Function（PRF）, Radio Frequency Identification（RFID）, tag’s ID

摘要： 针对在物联网应用中，现有的RFID安全认证协议存在安全缺陷和认证效率低等问题，提出了一种改进的基于PRF的RFID双向认证协议，通过对读写器产生的随机数进行加密的方法，来解决原协议存在的安全隐患问题；采用随机数使标签保持信息的新鲜性。通过和已有的此类安全认证协议进行安全性比较，结果表明改进的协议不仅具有防跟踪、抗暴力破解、防重放攻击等特点，而且保证了标签没有大幅增加计算量。

关键词: 物联网, 伪随机函数, 射频识别, 标签标识符