摘要
针对目前广泛应用的被动式射频识别(RFID)标签中的计算、存储资源有限,导致RFID认证协议的安全和隐私保护,特别是可扩展性一直没有得到很好解决的问题,提出一种基于哈希函数、可证安全的轻权认证协议。该协议通过哈希运算和随机化等操作确保认证过程中会话信息的保密传输和隐私性;在认证过程中,标签的身份信息通过伪名进行确认,其真实身份没有透漏给阅读器等不信任实体;后端服务器进行身份确认仅需进行一次哈希运算,通过标识符构造哈希表可使身份信息查找时间为常数;每次认证后,标签的秘密信息和伪名等均进行更新,从而确保协议的前向安全性。分析证实,该RFID轻权认证协议具有很好的可扩展性、匿名性和前向安全性,能够抵抗窃听、追踪、重放、去同步化等攻击,而且标签仅需提供哈希运算和伪随机数生成操作,非常适合应用于低成本的RFID系统。
The popular Radio Frequency IDentification(RFID)tags are some passive ones and they only have very limited computing and memory resources,which makes it difficult to solve the security,privacy and scalability problems of RFID authentication protocols.Based on Hash function,a security-provable lightweight authentication protocol was proposed.The protocol ensures the confidentiality and privacy of the sessions during the authentication process by Hashing and randomizing.Firstly,the identity of a tag was confirmed by its pseudonym and was preserved from leaking to any untrusted entity such as a reader.Secondly,only one Hashing computation was needed to confirm a tag's identity in the backend server,and the searching time to the tag's identity was limited to a constant by using the identifier to construct a Hash table.Finally,after each authentication,the secrecy and pseudonym of the tag were updated to ensure forward security of the protocol.It is proved that the proposed protocol satisfies scalability,forward security and anonymity demands and can prevent eavesdropping,tracing attack,replay attack and de-synchronization attack.The protocol only needs Hash function and pseudorandom generating operation for the tag,therefore it is very suitable to low-cost RFID systems.
作者
史志才
王益涵
张晓梅
陈珊珊
陈计伟
SHI Zhicai;WANG Yihan;ZHANG Xiaomei;CHEN Shanshan;CHEN Jiwei(School of Electronic and Electrical Engineering,Shanghai University of Engineering Science,Shanghai 201620,China)
出处
《计算机应用》
CSCD
北大核心
2019年第3期774-778,共5页
journal of Computer Applications
关键词
认证协议
可扩展性
安全性
隐私保护
哈希函数
authentication protocol
scalability
security
privacy preserving
Hash function
