信息网络安全 ›› 2016, Vol. 16 ›› Issue (5): 44-50.doi: 10.3969/j.issn.1671-1122.2016.05.007

• 技术研究 • 上一篇    下一篇

一种新的超轻量级RFID双向认证协议

马庆1, 郭亚军1(), 曾庆江1, 徐铎2   

  1. 1.华中师范大学计算机学院,湖北武汉 430079
    2.北京警察学院,北京 102202
  • 收稿日期:2016-04-02 出版日期:2016-05-20 发布日期:2020-05-13
  • 作者简介:

    马庆(1993—),男,河南,硕士研究生,主要研究方向为信息安全;郭亚军(1965—),男,湖北,教授,博士,主要研究方向为信息安全;曾庆江(1966—),男,湖北,工程师,硕士,主要研究方向为数据挖掘;徐铎(1993—),男,湖北,本科,主要研究方向为网络安全与执法。

  • 基金资助:
    国家自然科学基金[61170017].中央高校基本科研业务费[CCNU2015GF0004]

A New Ultra-lightweight RFID Mutual Authentication Protocol

Qing MA1, Yajun GUO1(), Qingjiang ZENG1, Duo XU2   

  1. 1.School of Computer Science, Central China Normal University, Wuhan Hubei 430079, China
    2.Beijing Police College, Beijing 102202, China
  • Received:2016-04-02 Online:2016-05-20 Published:2020-05-13

摘要:

文章针对当前典型的一类超轻量级RFID安全认证协议,首先给出了一种非同步攻击方案,随后分析了RAPP协议中存在的安全问题,最后提出一种改进的超轻量级RFID双向认证协议PAPP。新的协议改进了RAPP协议对消息的设计,并在标签存储中加入了只属于标签的伪随机数信息。伪随机数会在标签产生消息前进行更新,保证了标签端消息的新鲜性。该协议避免了已有RFID认证协议存在的安全缺陷。安全和性能分析表明该协议具有很强的安全和隐私保护属性,而且能抵抗各种恶意攻击,并且满足低成本RFID标签的要求。

关键词: RFID, 超轻量级协议, 非同步攻击

Abstract:

Targeting to current typical ultra-lightweight RFID security authentication protocol, we proposed a desynchronization attack scheme. Then we analyzed the security vulnerabilities of RAPP protocol and proposed a novel ultra-lightweight RFID mutual authentication protocol named PAPP, which avoided the security hole in the previous RFID authentication protocols. The new protocol improved the design of the message of RAPP protocol, and added a random number that belongs only to the label, Random number would be updated in advance to ensure the freshness of the messge generated by the tag. Security analysis and performance evaluation showed that the protocol had not only possessed robust security and privacy protection properties, but also could resist various attacks and fit for the requirement of low-cost RFID system.

Key words: RFID, ultra-lightweight Protocol, desynchronization attack

中图分类号: