电子学报 ›› 2017, Vol. 45 ›› Issue (3): 612-618.DOI: 10.3969/j.issn.0372-2112.2017.03.016

• 学术论文 • 上一篇    下一篇

基于动态共享密钥的移动RFID双向认证协议

王国伟, 贾宗璞, 彭维平   

  1. 河南理工大学计算机科学与技术学院, 河南焦作 454000
  • 收稿日期:2015-05-29 修回日期:2015-11-09 出版日期:2017-03-25
    • 通讯作者:
    • 贾宗璞
    • 作者简介:
    • 王国伟 男,1979年生,河南省平顶山人,河南理工大学在读博士研究生.主要从事物联网安全认证协议方面的研究.E-mail:wangguowei@hpu.edu.cn;彭维平 男,1979年生,湖北天门人,工学博士,河南理工大学副教授.主要从事信息安全、物联网安全用等方面的研究.E-mail:pwp999@hpu.edu.cn
    • 基金资助:
    • 河南省科技攻关项目 (No.132102210123); 河南省教育厅重大科技攻关项目 (No.13A520321)

A Mutual Authentication Protocol of Mobile RFID Based on Dynamic Shared-Key

WANG Guo-wei, JIA Zong-pu, PENG Wei-ping   

  1. School of Computer Science and Technology, Henan Polytechnic University, Jiaozuo, Henan 454000, China
  • Received:2015-05-29 Revised:2015-11-09 Online:2017-03-25 Published:2017-03-25
    • Supported by:
    • Key Technology Research and Development Program of Henan Province (No.132102210123); Major Science and Technology Research and Development Program of Education Department of Henan Province (No.13A520321)

摘要:

针对移动无线射频识别认证协议面临的身份认证和隐私保护、动态密钥安全更新和去同步化攻击问题,提出一种可动态更新共享密钥的移动RFID双向认证协议.协议基于Hash密码机制,利用随机数同时进行密钥安全更新和身份认证,并采用对分表存储的当前和历史共享密钥进行动态添加和删除的方法,保留最后一次合法认证后的一致共享密钥.安全性能分析与效率分析表明,该协议能够实现动态密钥安全更新和身份认证、能够在遭受去同步化攻击后保证密钥同步,且具有较强的计算和存储性能.通过和同类RFID认证协议比较,协议弥补了同类RFID协议存在的不足,适用于被动式标签数量庞大的RFID系统.

关键词: 无线射频识别, 移动, 认证协议, 动态共享密钥

Abstract:

In order to solve the problems about identity authentication,privacy protection,dynamic shared-key updating and de-synchronization that emerged in mobile radio frequency identification (RFID) authentication protocols,the paper proposes a mutual authentication protocol of mobile RFID whose shared-key can be updated dynamically.Based on Hash cryptography,the proposed protocol uses pseudo-random number to perform simultaneous operations on secure shared-key updating and identity authenticating,then uses a method of dynamic deletion and addition of shared-key that respectively stored in current data table and historic data table to reserve the coherency of shared-key among backend server,reader and tag after the latest legal authentication.The securities and efficiencies analysis show that the protocol can achieve secure updates of dynamic shared-key,identity authentication and shared-key synchronization after being attacked,and in addition,the proposed protocol has strong computation and storage abilities.Compared with other similar mobile RFID protocols,the proposed protocol can make up for the deficiency of these protocols,which is suitable for RFID systems with a large number of passive tags.

Key words: radio frequency identification (RFID), mobile, authentication protocol, dynamic shared-key

中图分类号: