Computer Engineering and Applications ›› 2019, Vol. 55 ›› Issue (5): 83-88.DOI: 10.3778/j.issn.1002-8331.1712-0090

Previous Articles     Next Articles

Secure Bidirectional Authentication Protocol for RFID

ZHAN Shanhua1,2   

  1. 1.Department of Information Management, Guangdong Justice Police Vocational College, Guangzhou 510006, China
    2.School of Computer Science and Technology, Guangdong University of Technology, Guangzhou 510006, China
  • Online:2019-03-01 Published:2019-03-06

一种安全的射频识别双向认证协议

占善华1,2   

  1. 1.广东司法警官职业学院 信息管理系,广州 510006
    2.广东工业大学 计算机学院,广州 510006

Abstract: In the RFID system, the tag and the reader communicate wirelessly, which is easily attacked by the attacker to intercept the relevant private information. In order to ensure the communication security between the both, a bidirectional authentication protocol based on the quadratic residue theorem is proposed. The protocol uses the quadratic residue theorem to encrypt the transmitted data and it is based on the complex problem of factoring large number, so the protocol can ensure the security of the data effectively. Furthermore, random numbers are mixed into the encryption process, which makes the messages different each time so as to increase the difficulty of cracking. Besides, the use of ultra-lightweight bitwise operation, to a certain extent, can reduce the overall system computing and cost. In addition, the database introduces the check mechanism for random numbers to enable the system to resist attacks such as desynchronization attack. Security analysis shows that the security of this protocol is higher than other same kind of classical protocols which can guarantee the reliability of data transmission. Performance analysis shows that the protocol has less computational complexity and lower cost than other same kind of classical protocols.

Key words: Radio Frequency Identification(RFID), random numbers, bidirectional authentication, bitwise operation, quadratic residual theorem

摘要: 在RFID系统中,标签与读写器之间采用无线方式进行通信,易被攻击者窃取相关隐私信息,为保证两者之间通信安全,提出一种基于二次剩余定理的双向认证协议。协议采用二次剩余定理对传输数据进行加密,基于大数分解难题,有效保证数据的安全;且加密过程中,随机数的混入,使得消息每次均不相同,增大破解难度;超轻量级按位运算的引入,在一定程度上,能够降低系统整体计算量及成本;数据库端引入随机数查重校验机制,使系统能够抵抗去同步化等攻击。安全性分析表明协议较其他此类经典协议具有更高的安全性,能够保障传输数据的可靠性;性能分析表明协议较其他此类经典协议具有较低的计算量及成本。

关键词: 射频识别, 随机数, 双向认证, 按位运算, 二次剩余定理