Large-scale Mobile RFID System Shamir’s Key Sharing PUF Security Authentication Protocol

doi:10.3969/j.issn.1671-1122.2020.06.004

Abstract

Abstract:

Aiming at the diverse and serious security risks of large-scale mobile RFID systems, a Shamir’s key sharing scheme security authentication protocol is studied. The two-step session key generation mechanism based on PUF can avoid the counterfeiting attack caused by physical intrusion on tags and readers. The server authenticates the legality of the reader to comply the application scenario of the mobile RFID system. The timestamp threshold and update mechanism are used to defend against replay attacks. To meet the requirements of large-scale RFID systems, Shamir’s key sharing scheme is adopted to reduce the computational overhead of server search. The improved Vaudenay model is used to prove the security and privacy of the authentication protocol, the results show that the protocol can resist multiple attacks. Using C# to simulate the time-consuming of server authentication, the results show that the time spent on protocol server authentication in this paper has obvious advantages over other protocols, which meets the application requirements of large-scale mobile RFID systems.

Key words: RFID, PUF, security authentication protocol, Shamir’s key sharing, Vaudenay model

CLC Number:

TP309

SUN Ziwen, ZHANG Xiangyang. Large-scale Mobile RFID System Shamir’s Key Sharing PUF Security Authentication Protocol[J]. Netinfo Security, 2020, 20(6): 26-35.

Figures/Tables 11

References 16

[1]	BONO S, GREEN M, STUBBLEFIELD A, et al. Security Analysis of a Cryptographically-enabled RFID Device[EB/OL]. https://www.researchgate.net/publication/228651694_Security_analysis_of_a_cryptographically-enabled_RFID_device, 2019 -8-9.
[2]	DOSS R, SUNDARESAN S, ZHOU W. Apractical Quadratic Residues Based Scheme for Authentication and Privacy in Mobile RFID Systems[J]. Ad Hoc Networks, 2013,11(1):383-396.
[3]	YANG Yulong, PENG Changgen, ZHOU Zhou. Mobile RFID Security Authentication Protocol Based on Edwards Curve[J]. Journal of Communications, 2014,35(11):132-137.
	杨玉龙, 彭长根, 周洲, 等. 基于Edwards曲线的移动RFID安全认证协议[J]. 通信学报, 2014,35(11):132-137.
[4]	SANDHYA M, RANGASWAMY T R. A Secure and Effecient Authentication Protocol for Mobile RFID Systems[J]. Journal of Digital Information Management, 2011,9(3):99-105.
[5]	LIU Peng, ZHANG Changhong, OU Qingyu. Hash Function-based Mobile Radio Frequency Identification Mutual Authentication Security Protocol Involves[J]. Computer Application, 2013,33(5):1350-1352.
	刘鹏, 张昌宏, 欧庆于. 基于Hash函数的移动射频识别互认证安全协议涉及[J]. 计算机应用, 2013,33(5):1350-1352.
[6]	WANG Guowei, JIA Zongpu, PENG Weiping. Mobile RFID Two-way Authentication Protocol Based on Dynamic Shared Key[J]. Journal of Electronics, 2017,45(3):612-618.
	王国伟, 贾宗璞, 彭维平. 基于动态共享密钥的移动RFID双向认证协议[J]. 电子学报, 2017,45(3):612-618.
[7]	SUN Ziwen, LI Song. Lightweight RFID Mobile Authentication Protocol Using PUF to Protect Location Privacy[J]. Computer Science and Exploration, 2019,13(3):418-428.
	孙子文, 李松. 采用PUF保护位置隐私的轻量级RFID移动认证协议[J]. 计算机科学与探索, 2019,13(3):418-428.
[8]	PAPPU R. Physical One-way Function[EB/OL]. https://www.docin.com/p-1684681622.html, 2019 -8-11.
[9]	CHIOU S Y, CHANG S Y. An Enhanced Authentication Scheme in Mobile RFID System[EB/OL]. https://www.researchgate.net/publication/321861476_An_Enhanced_Authentication_Scheme_in_Mobile_RFID_System, 2019 -8-12.
[10]	RONG Huigui, MO Jinxia, CHANG Bingguo, et al. Key Distribution and Recovery Algorithm Based on Shamir Secret Sharing[J]. Journal of Communications, 2015,36(3):60-69.
	荣辉桂, 莫进侠, 常炳国, 等. 基于Shamir秘密共享的密钥分发与恢复算法[J]. 通信学报, 2015,36(3):60-69.
[11]	VAUDENAY S. On privacy models for RFID[M]. Advances in Cryptology-ASIACRYPT 2007. Heidelberg: Springer, 2007: 68-87.
[12]	SHAMIR A. How to Share A Secret[J]. Communications of the ACM, 1979,22(11):612-613.
[13]	LIU Y, EZERMAN M F, WANG H. Double Verification Protocol via Secret Sharing for Low-cost RFID Tags[EB/OL]. https://www.onacademic.com/detail/journal_1000040419206110_45fd.html, 2019 -8-11.
[14]	ARMKNECHT F, MAES R, SADEGHI A, et al. A Formalization of the Security Features of Physical Functions [C]// 2011 IEEE Symposium. Security and Privacy, May 22-25, 2011, Berkeley, CA, USA. New Jersey: IEEE, 2011: 397-412.
[15]	LI Changting, ZHANG Qinglong, LIU Zongbin. FROPUF: Extract More Entropy from FPGA-based Oscillator Ring PUF[J]. Journal of Information Security, 2018,3(1):16-30.
[16]	ALAGHEBAND M R, AREF M R. Simulation-based Traceability Analysis of RFID Authentication Protocols[M]. California: Kluwer Academic Publishers, 2014.

符号	注释
${{R}_{j}}/{{T}_{i}}/S$	第$j$个读写器/第$i$个标签/服务器
$T\_I{{D}_{i}}/R\_I{{D}_{j}}$	第$i$个标签/第$j$个读写器标识符
$({{x}_{j}},{{y}_{j}})/({{x}_{i}},{{y}_{i}})/({{x}_{s}},{{y}_{s}})/{{k}_{main}}$	第$j$个读写器/第$i$个标签/服务器中影子密钥对/主密钥
$PUF()$	PUF运算
$R\_t/S\_t$	读写器发起认证时刻的时间戳/服务器接收认证信息时刻的时间戳
$PRNG()$	伪随机数生成器
${{r}_{1}},{{r}_{2}}$	随机数
${{k}_{1}},{{k}_{2}},{{k}_{3}}$	共享密钥

预言机	功能介绍
$CreatTag\left( IDS \right)$	生成唯一标识符为$IDS$的标签
$DrawTag\left( dist \right)\to vtag$	按照分配概率函数$dist$随机选择标签,为标签分配临时标识$vtag$
$FreeTag\left( vtag \right)$	释放$vtag$标签
$E\text{x}ecute\left( \pi \right)\to transcript$	执行协议实例$\pi $,返回会话记录$transcript$
$Launch\left( {} \right)\to \pi $	读写器重新启动认证协议实例$\pi $
$SendReader\left( m,\pi \right)\to m'$	读写器接收消息$m$,输出消息$m'$
$SendTag\left( m,\pi \right)\to m'$	标签$T$接收到消息$m$,输出消息$m'$
$Result\left( \pi \right)\to x$	协议实例$\pi $成功,返回1,否则返回0
$Corrupt\left( vtag \right)$	攻击者入侵窃取标签$vtag$内部消息

安全隐私	文献[4]	文献[6]	文献[7]	文献[9]	SAPLS
位置追踪	√	√	√	√	√
前向不可追踪	√	√	√	√	√
后向不可追踪	√	√	√	√	√
标签假冒	√	√	√	×	√
读写器假冒	√	√	√	×	√
重放攻击	√	Δ	Ο	√	√
去同步攻击	×	√	√	√	√
拒绝服务攻击	√	√	Ο	Ο	√

协议	标签开销	读写器开销	服务器开销
文献[4]	1H+1X	1H	O(1)
文献[6]	1H+1X+2PRNG	1PRNG+1H	O(1)
文献[7]	1PRNG+1H+5X+ 2Mod+2P	2PRNG+1H+5X+ 2Mod+2P	O(N)
文献[9]	1Xor+1Mod	1Xor+1Mod	O(N)
SAPLS	1PRNG+8X+2P	1PRNG+8X+2P	O(1)