摘要
针对汪杰等[15]设计的改进的轻量级移动RFIO双向认证协议进行分析,指出其协议存在的安全缺陷,在该协议基础之上,给出一种改进的能够抵抗去同步化攻击的移动双向认证协议。所提协议中,所有信息加密后再传输,且加密过程中均混入随机数,增大攻击者的破解难度。协议为能够抵抗去同步化攻击采用以下措施:在后台服务器端存放前后两次认证密钥;在标签端引入Count计数器。协议为降低系统整体计算量,采用位运算进行加密。对协议进行安全性分析,协议具备移动式RFID系统所需的安全要求;对协议进行性能分析,协议具备降低系统计算量的特征。
This paper focuses on the protocol designed by Wang et al,and it points out the security flaw of the protocol.Based on this protocol,an improved mobile mutual authentication protocol is proposed,which can resist the desynchronization attack.In the proposed protocol,all information was encrypted and retransmitted,and random numbers were mixed in the encryption process,which made it more difficult for the attacker to crack.In order to resist the desynchronization attack,the protocol adopts the following two measures:two authentication keys were stored in the back-end server;count counter was introduced in the label side.To reduce the overall calculation of the system,it used bit operation to encrypt.The security analysis of the protocol shows that the protocol has the security requirements of mobile RFID system.The performance analysis of the protocol shows that the protocol has the characteristics of reducing the system computation.
作者
何小平
He Xiaoping(School of Data and Computer Science,Guangdong Peizheng College,Guangzhou 510830,Guangdong,China)
出处
《计算机应用与软件》
北大核心
2020年第12期309-315,327,共8页
Computer Applications and Software
基金
教育部高等教育司2018年第二批产学合作协同育人项目(201802068001)
广东高校省级重点平台和重大科研项目--特色创新项目(2018GXJK417)。
关键词
射频识别
移动系统
双向认证
Count计数器
同步化攻击
随机数
交换重组交叉位运算
RFID
Mobile system
Mutual authentication
Count counter
Synchronization attack
Random number
Switching and reorganizing crossover bit operation(SRC)