摘要
针对结合了网络应用的RFID应用系统面临的新的网络安全问题,设计了"基于硬件设备信息+密码技术"的双因子身份认证协议以解决后端服务器对RFID读写器身份合法性的认证问题。协议中所用硬件设备信息为RFID读写器射频模块OEM配置数据中的唯一串号,该串号可以在读写器控制程序中调用API函数实时获取。密码技术则采用轻量级加密算法AES。该认证协议适用于产品防伪、仓储管理、物流跟踪等新兴领域,具有一定的现实意义与实用价值。
Aiming at the new security problems of radio frequency identification system (RFID) which is combined with network, a new so-called two-factor authentication protocol is presented. It is designed to help the back-end server ensuring the legitimacy of the reader in RFID system. This authentication protocol is based on the hardware device information and cryptographic technique. The hardware device information is gained from the only serial number of the OEM RF module configuration data of the reader. The only serial number can be read and written by calling the API function in the real-time access. The cryptographic technique uses a lightweight encryption algorithm which is called Advanced Encryption Standard (AES). This Twofactor authentication protocol is applicable to product security, warehouse management, logistics tracking and other emerging areas, which has certain practical significance and practical value.
出处
《计算机工程与设计》
CSCD
北大核心
2013年第11期3726-3730,共5页
Computer Engineering and Design
基金
国家自然科学基金项目(61063045
61262003)
广西自然科学基金项目(2010GXNSFC013013)
