信息网络安全 ›› 2018, Vol. 18 ›› Issue (1): 80-87.doi: 10.3969/j.issn.1671-1122.2018.01.012

• • 上一篇    下一篇

物联网中增强安全的RFID认证协议

李智聪1, 周治平1,2   

  1. 1. 江南大学物联网工程学院,江苏无锡 214122
    2.江南大学物联网技术应用教育部工程研究中心,江苏无锡 214122
  • 收稿日期:2017-10-09 出版日期:2018-01-20 发布日期:2020-05-11
  • 作者简介:

    作者简介:李智聪(1992—),男,河南,硕士研究生,主要研究方向为RFID安全认证;周治平(1962—),男,江苏,教授,博士,主要研究方向为信息安全、检测技术与自动化装置等。

  • 基金资助:
    国家自然科学基金[61373126]

Enhanced Secure RFID Authentication Protocol in IoT

Zhicong LI1, Zhiping ZHOU1,2   

  1. 1. School of IoT Engineering, Jiangnan University, Wuxi Jiangsu 214122, China
    2. Engineering Research Center of Internet of Things Technology Applications Ministry of Education, Jiangnan University, Wuxi Jiangsu 214122, China
  • Received:2017-10-09 Online:2018-01-20 Published:2020-05-11

摘要:

随着物联网技术的发展,RFID呈现大规模的应用需求。为了实现强隐私的保护机制,研究者们考虑采用公钥加密机制设计协议,通过分析部分采用ECC加密的RFID协议,发现此类协议中存在认证函数线性问题造成的弱安全性。文章利用其线性弱点,对AlAMR等人协议进行了跟踪攻击和中间人攻击,并基于此设计了新的协议。采用DH理论生成通信实体间的共享秘密并将其作为随机化的新鲜因子,保证数据流的新鲜性和不可预测性,避免跟踪攻击的威胁;通过异或操作联合新鲜因子和标签属性值构建通信数据对应的函数,解除认证函数线性问题,避免了中间人攻击;针对系统规模的不可扩展性问题,在认证函数设计中融合ID验证传输的思想,实现常数级服务器的搜索复杂度。协议的设计考虑了所有通信实体间不安全信道的情况,通过对协议性能的统计分析可以看出,该协议相比同类型协议更能满足物联网的发展需求。

关键词: 物联网, RFID, 不可追踪, 隐私, 跟踪攻击

Abstract:

With the development of Internet of things technology, large-scale popularization of RFID applications will appear. In order to realize the protection mechanism of strong privacy, researchers consider using public key encryption mechanism to design protocols. By analyzing some RFID protocols using ECC encryption, it is found that the authentication function is linear in such protocols, which cause the weak security of protocols. Utilizing its linear weakness, it can be found that AlAMR’s protocol is vulnerable to man-the-middle attack and tracking attack. In view of this, a new protocol is designed, this paper uses DH theory to generate the shared secret between the communication entities and set the shared secret as randomized fresh factors, which ensure the freshness and unpredictability of the data stream and avoid tracking attacks. This paper constructs the function corresponding to the communication data through combining these fresh factors and attribute values of the tag by XOR operation, which solve the problem of linearity of the authentication function and avoid the man-the-middle attack. Aiming at the problem of non-scalability of system scale, the idea of ID-verifier transfer is fused into the design of authentication functions to realize the search complexity of a constant level. The designed protocol considers the insecure channel among all communication entities. Through the statistical analysis of the performance of the protocol, the protocol can better meet the development needs of IoT compared with the same type of protocol.

Key words: IoT, RFID, untraceable, privacy, tracking attack

中图分类号: