摘要
文章针对CROP协议的不足,提出了改进的RFID所有权转移协议。为了抵抗内部阅读器假冒攻击,改进方案在云端增加新的存储信息,该信息引入当前阅读器的共享密钥进行哈希加密以保证密钥的机密性;在标签认证信息中增加当前阅读器和新阅读器产生的随机数进行伪随机函数和二次剩余定理加密以抵抗标签假冒攻击和阅读器跟踪攻击;为抵抗去同步化攻击,阅读器同时存储更新前后两轮密钥以保证阅读器和标签的同步性;采用二次剩余定理加密索引的方式保证当前阅读器能够使用索引快速检索到合法标签,提高认证效率。文章基于Vaudenay隐私模型形式化证明改进方案满足强前向不可跟踪性和后向不可跟踪性的隐私性能,且能够抵抗内部阅读器假冒、去同步化和标签假冒攻击等安全威胁。实验结果表明,改进方案有效降低了阅读器的认证耗时。与现有协议相比,文章算法在满足所有权安全转移的同时,提高了协议的可扩展性。
Aiming at the deficiency of CROP protocol, an improved ownership transfer protocol is proposed in this paper. In order to resist the inner reader impersonation attack, the improved scheme adds new storage information to the cloud, which introduces the current reader's shared key for Hash encryption to ensure the key confidentiality. In the tag authentication information, the random numbers generated by the current and new reader are added to perform the pseudo random function and the quadratic residue encryption to resist tag impersonation and reader tracing attacks. To solve the desynchronization attack, the reader simultaneously stores the updated and un-updated key to ensure synchronization between the reader and the tag. Using the quadratic residue theorem to encrypt the index to ensure the current reader can use the index quickly retrieve the legal tag and improve the authentication efficiency. Based on the Vaudenay privacy model, this paper proves the improved scheme satisfies the privacy performance of strong forward as well as backward un-traceability and can resist inner reader impersonation, de-synchronization, tag impersonation attacks and other security risks. The experimental results show that the improved scheme effectively reduces the reader's authentication time. Compared with the existing protocols, this paper improves the scalability of the protocol while satisfying the secure ownership transfer.
出处
《信息网络安全》
CSCD
2017年第8期60-68,共9页
Netinfo Security
基金
国家自然科学基金[61373126]
中央高校基本科研业务费用专项资金[JUSRP51510]
