基于椭圆曲线密码的RFID系统安全认证协议研究

doi:10.3969/j.issn.1671-1122.2018.10.008

摘要/Abstract

摘要：

随着RFID技术在军事、金融、公共安全等领域的广泛应用,人们对RFID系统的安全性提出更高的要求。文章利用椭圆曲线密码（ECC）密钥短、安全性高且存储空间小的特点,设计了一种基于ECC的RFID系统双向认证协议,并用BAN逻辑形式化分析和证明了该协议能够达到预期的安全目标。与其他同类应用协议相比,该协议在抵抗跟踪攻击、拒绝服务攻击、重传攻击以及假冒攻击等方面均有较好的可信度,且能满足双向认证性、机密性、匿名性和前向安全性。该协议所需椭圆曲线点乘运算次数为3次,相比其他协议可减少60%的标签计算开销,RFID系统的执行效率可提高70%,可适用于军事物流管理及涉密文件保密等关键领域。

关键词: 椭圆曲线密码, RFID, 认证协议, BAN逻辑

Abstract:

With the widespread application of RFID technology in military, financial, public security and other fields, people put forward higher requirements for the security performance of RFID system. This paper designs a RFID system mutual authentication protocol based on the elliptic curve cryptography (ECC) by using ECC characteristics of short key, high security and small storage space, and analyzes and proves formally that the protocol can achieve the desired security targets by using BAN logic. Compared with other similar application protocols, the protocol has good reliability in resisting tracking attack, denial of service attack, retransmission attack and impersonation attack, and can satisfy mutual authentication, confidentiality, anonymity and forward security. The protocol requires for 3 times elliptic curve scalar multiplication operations, which reduces the tag computational cost by 60% compared with other protocols, while improves the implementation efficiency of the RFID system by 70%. The protocol applies to the key areas such as military logistics management and confidential documents protection.

Key words: elliptic curve cryptography, RFID, authentication protocol, BAN logic

中图分类号:

TP309

张小红, 郭焰辉. 基于椭圆曲线密码的RFID系统安全认证协议研究[J]. 信息网络安全, 2018, 18(10): 51-61.

Xiaohong ZHANG, Yanhui GUO. Research on RFID System Security Authentication Protocol Based on Elliptic Curve Cryptography[J]. Netinfo Security, 2018, 18(10): 51-61.

图/表 15

表1

图1

图2

图3

表2

表3

图4

表4

表5

表6

图5

表7

图6

表8

图7

参考文献 26

[1]	KUANG Guofang, SUN Zhaofeng.The Application of Management Information System in Internet of Things Based on RFID Technology[J]. Sensors & Transducers, 2013, 154(7): 103-112.
[2]	ZHANG Yuting, YAN Chenghua.Research on RFID Authentication Technology Based on Two-way Authentication Protocol[J].Netinfo Security, 2016, 16(1): 64-69.
	张玉婷, 严承华. 一种基于双向认证协议的RFID标签认证技术研究[J]. 信息网络安全, 2016, 16(1): 64-69.
[3]	QI Saiyu, ZHENG Yuanqing, LI Mo, et al.Secure and Private RFID-enabled Third-party Supply Chain Systems[J]. IEEE Transactions on Computers, 2016, 65(11): 3413-3426.
[4]	JIANG Zhengjun, TIAN Haibo, ZHANG Fangguo.Survey on PUF-based RFID Anti-counterfeiting Techniques[J].Netinfo Security, 2016 ,16(4): 38-43.
	蒋政君, 田海博, 张方国. 基于PUF的RFID防伪技术研究综述[J]. 信息网络安全, 2016 , 16(4): 38-43.
[5]	LEI Miao.Research on RFID System Security Protocol[D]. Beijing:Beijing University Of Posts and Telecommunications, 2015.
	雷淼. RFID系统安全协议研究[D]. 北京:北京邮电大学, 2015.
[6]	MA Qing, GUO Yajun, ZENG Qingjiang, et al.A New Ultra-lightweight RFID Mutual Authentication Protocol[J].Netinfo Security, 2016, 16(5): 44-50.
	马庆, 郭亚军,曾庆江, 等. 一种新的超轻量级RFID双向认证协议[J]. 信息网络安全, 2016 ,16(5): 44-50.
[7]	KOBLITZ N.Elliptic Curve Crypto Systems[J]. Mathematics of Computation, 1987, 48(177): 203-209.
[8]	MILLER V S.Use of Elliptic Curves in Cryptography[J]. Lecture Notes in Computer Science, 1985, 218(1): 417-426.
[9]	CHEN Wei.Design and Hardware Implementation of ECC Algorithm Based on Jacobi Projective Coordinate System[D]. Xi’an: Xidian University,2016.
	陈威. 基于雅可比加重射影坐标系的ECC算法设计及硬件实现[D]. 西安:西安电子科技大学, 2016.
[10]	CHEN Junjie.Research and Design of ECC Encryption and Decryption Algorithm Based on FPGA[D]. Xi’an: Xi’an University of Posts & Telecommunications, 2016.
	陈俊杰. 基于FPGA的ECC加解密算法研究及设计[D]. 西安:西安邮电大学, 2016.
[11]	TUYLS P, BATINA L.RFID-Tags for Anti-counterfeiting[C]// RSA. The 2006 Cryptographers' Track at the RSA Conference on Topics in Cryptology, February 13 - 17, 2006, San Jose, CA,USA. Heidelberg: Springer-Verlag Berlin, 2006: 115-131.
[12]	SCHNORR C P.Efficient Identification and Signatures for Smart Cards[M]// Springer: Advances in Cryptology — EUROCRYPT ’89. Heidelberg : Springer, Berlin, Heidelberg ,1990: 239-252.
[13]	BATINA L, GUAJARDO J, KERINS T, et al.Public-key Cryptography for RFID-tags[C]//IEEE. The Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops, March 19-23,2007, White Plains, NY, USA.NJ:IEEE, 2007: 217-222.
[14]	OKAMOTO T. Provably Secure and Practical Identification Schemes and Corresponding Signature Schemes[EB/OL].
[15]	LEE Y K, BATINA L, VERBAUWHEDE I.EC-RAC (ECDLP-based Randomized Access Control): Provably Secure RFID Authentication Protocol[C]//IEEE. 2018 IEEE International Conference on RFID, April 16-17, 2008, Las Vegas, NV, USA.NJ:IEEE, 2008: 97-104.
[16]	ZHANG Xinglei, LI Linsen, WU Yue, et al.An ECDLP-based Randomized Key RFID Authentication protocol[C]//IEEE. 2011 International Conference on Network Computing and Information Security, May 14-15, Guilin, China. NJ:IEEE, 2011: 146-149.
[17]	CHOU J S.An Efficient Mutual Authentication RFID Scheme Based on Elliptic Curve Ccryptography[J].Journal of Supercomputing, 2014, 70(1): 75-94.
[18]	ZHANG Zezhong, QI Qingqing.An Efficient RFID Authentication Protocol to Enhance Patient Medication Safety Using Elliptic Curve Cryptography[J]. Journal of Medical Systems, 2014, 38(5): 47.
[19]	LIAO Yipin, HSIAO C M.A Secure ECC-based RFID Authentication Scheme Integrated with ID-verifier Transfer Protocol[J]. Ad Hoc Networks, 2014, 18(7): 133-146.
[20]	ZHAO Zhenguo.A Secure RFID Authentication Protocol for Healthcare Environments Using Elliptic Curve Cryptosystem[J]. Journal of Medical Systems, 2014, 38(5): 46.
[21]	HE Debiao, KUMAR N, CHILAMKURTI N, et al.Lightweight ECC-based RFID Authentication Integrated with an ID Verifier Transfer Protocol[J]. Journal of Medical Systems, 2014, 38(10): 1-6.
[22]	LEE C I, CHIEN H Y.An Elliptic Curve Cryptography-based RFID Authentication Securing E-health System[J]. International Journal of Distributed Sensor Networks, 2015, 2015(5): 1-7.
[23]	JIN Chunhua, XU Chunxiang, ZHANG Xiaojun, et al.A Secure RFID Mutual Authentication Protocol for Healthcare Environments Using Elliptic Curve Cryptography[J]. Journal of Medical Systems, 2015, 39(3): 24.
[24]	ALAMR A A, KAUSAR F, KIM J, et al.A Secure ECC-based RFID Mutual Authentication Protocol for Internet of Things[J]. Journal of Supercomputing, 2018,74(9): 4281-4294.
[25]	Qian Q, Jia Y L, Zhang R.A lightweight RFID security protocol based on elliptic curve cryptography[J]. International Journal of Network Security, 2016, 18(2): 354-361.
[26]	GÓDOR G, GICZI N, IMRE S. Elliptic Curve Cryptography-based Mutual Authentication Protocol for Low Computational Capacity RFID Systems-performance Analysis by Simulations[C]//IEEE. 2010 IEEE International Conference on Wireless Communications, Networking and Information Security, June 25-27, 2010, Beijing, China. NJ:IEEE, 2010: 650-657.

	RSA	ElGamal	ECC
安全性	亚指数级	亚指数级	指数级
单位密钥长度	1024/bit	1024/bit	160/bit

系统部分	存储参数
后端数据库	R_p,R_s,ID
读写器	R_p,R_s
标签	R_p_,ID,G

	双向认证性	机密性	匿名性	前向安全性	抗跟踪攻击	抗拒绝服务攻击	抗重传攻击	抗假冒攻击
文献[17]	√	×	√	×	√	×	√	×
文献[19]	√	√	×	√	×	×	√	×
文献[21]	√	×	√	√	×	√	√	√
文献[23]	√	√	√	√	√	√	√	√
文献[24]	√	√	√	√	√	√	√	√
本文协议	√	√	√	√	√	√	√	√

	T_H		T_EM		T_EA
	标签	后端数据库	标签	后端数据库	标签	后端数据库
文献[17]	2	2	2	3	3	2
文献[19]	0	0	5	5	2	2
文献[21]	0	0	5	5	2	2
文献[23]	2	2	4	4	1	1
文献[24]	0	0	4	5	1	1
本文协议	2	2	2	1	0	0

	标签	后端数据库	RFID系统
文献[17]	1022T_H	1527T_H	2549T_H
文献[19]	2539T_H	2539T_H	5078T_H
文献[21]	2539T_H	2539T_H	5078T_H
文献[23]	2032T_H	2032T_H	4046T_H
文献[24]	2030T_H	2537T_H	4567T_H
本文协议	1016T_H	509T_H	1525T_H