Abstract: Aiming at security vulnerabilities of the existing Radio Frequency Identification（RFID） authentication protocols, a novel anti-malicious attack mutual authentication protocol for RFID is proposed. The formal proof of the proposed authentication protocol is given based on GNY logic. The scheme combines public key encryption and symmetric cryptosystem, which adopts the method of reader dual-authentication and key refreshing during pre-
authentication phase. The protocol achieves the anti-desynchronization requirement by adding flag Tm of malicious attacks into the tag, which solves problems of low authentication efficiency, location tracking due to failure of renewing the key of tag, and Denial of Service（DoS） resulting from illegally updating inner keys of tag/server in the existed schemes. It can resist several malicious attacks including replay, tag/reader impersonation, traffic analysis and desynchronization, etc. Analysis results show that the new protocol is of good security, high efficiency and limited computational complexity, which fit for large scale tag applications.

Key words: Radio Frequency Identification（RFID）, malicious attack, privacy preserving, authentication protocol, scalability, GNY logic

摘要： 针对现有无线射频识别（RFID）认证机制存在的安全缺陷，提出一种新型抗恶意攻击的RFID双向认证协议，并基于GNY逻辑给出了协议的安全性证明。该协议将公钥加密算法和对称密钥加密算法相结合，采用阅读器双重认证及预认证阶段刷新密钥的方法，通过在标签中添加保护密钥同步的恶意攻击标记Tm，解决了当前协议中存在的认证效率较低，标签密钥更新失败导致位置跟踪和非法更新标签/服务器内部密钥造成拒绝服务（DoS）等问题，可抵抗重传，标签/阅读器假冒，通信量分析和去同步化等多种恶意攻击。分析结果表明：该协议具有安全性好，效率高，计算复杂度低等特点，适合于标签的大规模应用。

关键词: 无线射频识别, 恶意攻击, 隐私保护, 认证协议, 可扩展性, GNY逻辑