Netinfo Security ›› 2018, Vol. 18 ›› Issue (1): 80-87.doi: 10.3969/j.issn.1671-1122.2018.01.012

• Orginal Article • Previous Articles     Next Articles

Enhanced Secure RFID Authentication Protocol in IoT

Zhicong LI1, Zhiping ZHOU1,2   

  1. 1. School of IoT Engineering, Jiangnan University, Wuxi Jiangsu 214122, China
    2. Engineering Research Center of Internet of Things Technology Applications Ministry of Education, Jiangnan University, Wuxi Jiangsu 214122, China
  • Received:2017-10-09 Online:2018-01-20 Published:2020-05-11

Abstract:

With the development of Internet of things technology, large-scale popularization of RFID applications will appear. In order to realize the protection mechanism of strong privacy, researchers consider using public key encryption mechanism to design protocols. By analyzing some RFID protocols using ECC encryption, it is found that the authentication function is linear in such protocols, which cause the weak security of protocols. Utilizing its linear weakness, it can be found that AlAMR’s protocol is vulnerable to man-the-middle attack and tracking attack. In view of this, a new protocol is designed, this paper uses DH theory to generate the shared secret between the communication entities and set the shared secret as randomized fresh factors, which ensure the freshness and unpredictability of the data stream and avoid tracking attacks. This paper constructs the function corresponding to the communication data through combining these fresh factors and attribute values of the tag by XOR operation, which solve the problem of linearity of the authentication function and avoid the man-the-middle attack. Aiming at the problem of non-scalability of system scale, the idea of ID-verifier transfer is fused into the design of authentication functions to realize the search complexity of a constant level. The designed protocol considers the insecure channel among all communication entities. Through the statistical analysis of the performance of the protocol, the protocol can better meet the development needs of IoT compared with the same type of protocol.

Key words: IoT, RFID, untraceable, privacy, tracking attack

CLC Number: