Abstract: Aiming at security and privacy protection problems faced in the existing RFID authentication protocol, this paper proposes a efficient RFID security authentication protocol based on Hash which can resist the denial of service attack. Using the comparison and recognition of random number on the reader, the protocol can resist the denial of service attacks. And two states of label identifier are stored in the database, in order to realize the electronic tag and the backend database data synchronization. Meanwhile, this paper theoretically analyzes the performance and security of the protocol, and the security of the protocol is formally proved by BAN logic. The analysis shows that the protocol can achieve effective mutual authentication between reader and electronic tag, and it can effectively resist the denial of service attack, and compared with other protocols it reduces the amount of calculation of RFID system. It is suitable for large-scale RFID system using electronic tags.

Key words: radio frequency identification, security authentication protocol, data synchronization, denial of service attack, BAN logic

摘要： 针对现有的RFID认证协议所面临的安全隐私保护问题，利用Hash函数加密的方法，提出了一种能抵抗拒绝服务攻击且高效的RFID安全认证协议。通过在阅读器上进行随机数的比较与识别，从而使该协议可抵抗拒绝服务攻击，并且在后台数据库中存储标签标识符的两种状态，以便实现电子标签与后台数据库的数据同步。从理论上分析了协议的性能和安全性，并利用BAN逻辑对协议的安全性进行了形式化证明。分析结果表明，该协议能够有效地实现阅读器和电子标签之间的相互认证，能有效地抵抗拒绝服务攻击且与其他协议比较，整个RFID系统的计算量减小，适用于大规模使用标签的RFID系统。

关键词: 射频识别, 安全认证协议, 数据同步, 拒绝服务攻击, BAN逻辑