摘要
为了分析无线射频识别(RFID)安全协议的数据去同步化攻击问题,对串空间模型进行了扩展,引入了分析RFID安全协议数据去同步化攻击的能力,并给出了数据去同步化攻击的判定定理.在扩展的串空间模型下,对近年来提出的一个基于哈希函数的RFID安全协议和一个无需后端数据库的RFID认证协议进行了分析,发现了针对这2个RFID安全协议的数据去同步化攻击,该攻击破坏了协议的可用性.分别对这2个RFID安全协议进行改进,改进后的RFID安全协议克服了存在的安全隐患,能够抵御数据去同步化攻击.
The primary objective of this paper is analyze data desynchronization attacks on security protocols for radio frequency identification (RFID). Thus, the strand space model was extended so that it can be applied to analyze data desynchronization attacks. The theorem of data desynchroniza- tion attacks was also given. Based on the extended strand space model, a recently proposed RFID se- curity protocol based on a hash and an RFID authentication protocol without the need for a bake-end database were analyzed. The results show that these two protocols are vulnerable to the data desyn- chronization attack and the attack destroyed the availability of the protocols. Furthermore, the im- provements to overcome the security vulnerabilities of these protocols are presented.
出处
《华中科技大学学报(自然科学版)》
EI
CAS
CSCD
北大核心
2013年第4期65-69,共5页
Journal of Huazhong University of Science and Technology(Natural Science Edition)
基金
国家自然科学基金资助项目(60803150)
关键词
无线射频识别
安全协议
模型
去同步化攻击
串空间
radio frequency identification
security protocol
model
desynchronization attacksstrand space