基于Edwards曲线的移动RFID安全认证协议

针对传统的RFID认证协议通常难以适应移动RFID系统的问题,提出了基于Edwards曲线的适用于移动RFID系统的安全认证协议,协议采用Edwards曲线提高了其防侧信道攻击的能力,并应用椭圆曲线离散对数问题实现安全认证。进一步采用可证明安全方法给出了标签和阅读器不可跟踪隐私的安全性证明,通过安全性分析指出协议能更有效抵抗已有各种攻击。与现有的结构类似RFID认证协议相比,该协议扩展性更好,安全性和性能优于其他方案。     

物联网中基于动态密钥轻量级RFID认证协议

针对物联网中感知层RFID系统信息及用户隐私易被泄露等问题,提出一种基于动态密钥轻量级RFID安全认证协议。该协议利用标签及读写器自身产生的随机数、CRC编码函数及一定算法生成动态密钥,并利用该密钥及加密算法来加密认证过程中的重要参数,确保数据传输过程中的机密性。运用BAN逻辑形式化分析方法对该协议安全性进行证明。通过对该协议的安全性、复杂性分析表明,该协议安全、可靠,运行效率较高,适合低成本RFID系统对应用安全的需要。     

基于PRESENT算法的RFID安全认证协议

物联网中RFID技术的应用非常广泛,但是RFID系统的安全性却存在着很大隐患。在RFID系统中标签与读写器间的通信信道是最易受到攻击,传输数据的完整性与保密性得不到保障,因而需要加强RFID系统通信的安全机制。考虑到RFID系统的硬件条件与成本限制,需要建立一个适合RFID系统的安全认证协议,来解决在RFID系统中信息传输所遇到的安全问题。PRESENT算法是轻量级的分组加密算法,将PRESENT结合到RFID系统的安全认证协议中,形成了新的RFID安全认证协议PRSA(PRESENT based RFID security authentication)。此协议可以增强RFID系统的安全性而又不会占用过多的硬件资源,从而能够适用于低成本的RFID系统的通信安全。     

基于零知识证明的多实体RFID认证协议

物联网的发展对射频识别(RFID)系统的安全性能提出了越来越高的要求。虽然基于密钥阵列的RFID认证协议解决了传统RFID认证协议在多实体环境中存在的内部攻击问题,但基于交换实体身份信息的认证方式存在信息泄露的安全隐患。针对这一问题,设计了基于零知识证明的多实体RFID认证协议(MERAP)。该协议采用分布式密钥阵列抵御内部攻击,利用零知识证明方案实现双向认证时敏感身份信息零泄露。性能分析结果显示,MERAP协议在维持一定复杂度和标签成本的基础上,可抵抗包括重传、跟踪、拒绝服务和篡改等多种外部攻击和内部攻击。     

基于口令认证的RFID系统安全协议及其BAN逻辑分析

本文提出一种新的基于口令认证的RFID系统安全协议.该方法充分利用RFID低等级标签提供的有限资源:访问口令(PW)、标签的标识码(ID)和伪随机函数等建立RFID系统读写器和标签双向认证的安全协议,对该协议抵抗各种攻击的安全性进行理论分析并对该协议的认证功能进行BAN逻辑的形式化分析.结果表明该协议能够有效抵御在线和离线字典攻击、伪装攻击、重放攻击以及流量分析和跟踪攻击,因而解决了RFID系统的安全问题.     

基于QC-MDPC码的可证明安全RFID双向认证协议

目前射频识别(RFID)系统安全问题日益严重,为了保护RFID系统中无线信道部分的信息交互安全,用准循环中密度奇偶校验码构造Niederreiter型公钥密码体制,基于这种加密模型提出一种RFID双向安全认证协议。利用规约技术证明该协议安全性,将攻击困难规约到线性码的译码困难问题。通过与其他RFID认证协议对比,在交互量、计算量和存储量等性能方面该协议也适用于资源有限且高效率的RFID系统。     

一种基于散列函数的RFID安全认证方法

RFID系统中有限的标签芯片资源,导致数据与信息的安全成为RFID系统的重要问题之一,散列函数的单向性为RFID的识别和认证提供了一种既可靠又有效的途径.在分析了现有几种典型散列认证协议的基础上,提出了一种新的基于散列函数的安全认证协议.本协议旨在解决手持式、无线连接的RFID阅读器与标签、服务器间的识别,利用散列函数实现服务器、阅读器以及电子标签三者之间的相互认证.经过安全性与性能的分析,新协议在采用较小的存储空间和较低的运算开销的情况下,可抵抗已知的大多数攻击,有效地保证了RFID系统中数据和隐私的安全,实现了终端与服务器间的双向认证和匿名认证,非常适合于在大型分布式系统中使用.     

一种RFID系统的Tag-Reader双向安全认证协议

为了保证RFID系统的信息安全,本文在分析现有RFID认证协议的基础上,提出一种基于Grain-Mac流密码加密算法的双向安全认证协议,采用流密码和密钥动态更新的方法实现了标签与阅读器的双向认证。仿真结果表明,该协议成本低、效率高、安全性好,且能够有效抵抗拒绝服务攻击,达到了预期的效果。     

RFID匿名认证协议的设计

在分析RFID协议安全需求的基础上,基于通用可组合安全模型,设计了一个低成本的RFID匿名认证协议,在标准模型下证明了RFID匿名认证协议的安全性.设计的协议提供匿名、双向认证和并发安全,并且协议的实现对于一般的RFID结构都是切实可行的.     

基于混合加密密值更新的RFID安全协议

针对低成本标签不能兼顾安全性的问题,在研究现有安全机制的基础上,提出一种基于混合加密密值更新的RFID(射频识别)安全协议。在性能方面,该协议即吸取分布式RFID询问应答认证协议的安全技术优势,又改善了算法复杂度。经分析认证,标签能满足低成本的要求,在信息保护、抵抗攻击上也能取得理想的效果。     

Efficient P2P-based mutual authentication protocol for RFID system security of EPC network using asymmetric encryption algorithm

Internet of Things (IoT) is a new vision of the future technological ubiquity in ubiquitous computing, which becomes the mapping from the real world to the digital one. Radio frequency identification (RFID) technology is a key enabler of the future IoT and it has a great economical potential. However, the RFID system uses of Electronic Product Code (EPC) tags can drastically threaten the security of applications. With the widespread use of RFID technology, its security problems become the hot topic in the academic and industrial fields. Aiming at the RFID network's security problems, we propose a novel P2P based RFID network architecture (P2P-RFID), and analyze the security problems in this kind of network. And a feasible and scalable protocol to guarantee P2P-RFID network security is also presented in this paper. The proposed protocol uses P2P storage technology together with the utilizing of asymmetric encryption algorithm (RSA) based authentication. An analysis proves that the presented protocol is secure. Moreover, the protocol authentication does not require a Certificate Authentication (CA) database, which avoids the single-point bottleneck.     

Low Cost RFID Security Protocol Based on Rabin Symmetric Encryption Algorithm

Research shows that heavy-weighted RFID authentication protocol is weak to adapt to low-cost RFID tags because of the usage of public key Encryption Algorithm. The lightweight authentication protocol is suitable for low-cost RFID security authentication protocol because it adopts only the operation of AND, OR, XOR and shift, etc., but is hard to resist complex attacks. In this article, we use the features of the Rabin public key cryptography algorithm, which verifies that the signature process requires only low-cost square multiplication and modulo operations. Based on this, an RFID security authentication protocol with Rabin encryption algorithm is designed. The protocol improves the security of low-cost RFID tags to the height of the public key cryptosystem, and greatly increasing the security of low-cost RFID.

     

Efficient RFID Authentication Using Elliptic Curve Cryptography for the Internet of Things

The Internet of Things (IoT) is an expansion of Internet-based sensing, processing and networking. As a key technique of the IoT, the Radio Frequency Identification (RFID) had a prosperous development in the past decade. Security schemes were also proposed to ensure secure RFID authentication. This paper analyzes security weaknesses found in previous schemes and proposes a new RFID authentication scheme using Elliptic Curve Cryptography (ECC). Security analysis results show that the proposed scheme can meet security requirements of RFID authentication while requiring no extra cost in terms of performance.     

“汽车数字化标准信源”标签安全研究

＂汽车数字化标准信源＂（即电子车牌）系统依靠UHF频段的射频识别（RFID）标签记录车辆的基本信息,同时凭借架设在道路上的专用读写设备采集车辆、道路等相关信息,以实现对车辆的跟踪定位、实时管理、交通管理、环保、保险状态监察等功能。介绍了＂汽车数字化标准信源＂系统车辆专用UHF频段标签内存数据的不同类型和如何通过ISO18000-6B标签的特性及有效加密手段满足系统对信息安全及隐私保护的需求,提出了一套有效的标签信息安全加密设计方案。     

A scalable and secure RFID mutual authentication protocol using ECC for Internet of Things

Very recently, Alamr et al (J. Supercomput 1‐14 doi: 10.1007/s11227‐016‐1861‐1) presented a radio frequency identifier (RFID) authentication protocol for the Internet of Things (IoT) through elliptic curve cryptography (ECC). They claimed the protocol to achieve several security properties and thwart all known attacks. However, this paper shows that their scheme is having correctness and scalability issues. The reader in their protocol can accommodate only one tag, which is not desirable in the IoT environments. The paper finally suggests an improvement to cater the correctness and scalability issues.     

ITPMAP: An Improved Three-Pass Mutual Authentication Protocol for Secure RFID Systems

Radio frequency identification (RFID) is a wireless technology used in various applications to minimize the complexity of everyday life. However, it opens a large number of security and privacy issues that require to be addressed before its successful deployment. Many RFID authentication protocols are proposed in recent years to address security and privacy issues, and most of them are based on lightweight cryptographic techniques such as pseudo-random number generators (PRNGs), or bitwise logical operations. However, the existing RFID authentication protocols suffer from security weaknesses, and cannot solve most of the security and privacy problems. A new solution is necessary to address security and privacy issues. In this paper, an improved three-pass mutual authentication protocol (ITPMAP) for low-cost RFID tags is proposed to offer an adequate security level for RFID systems. The proposed ITPMAP protocol uses one PRNG on the tag side and heavy-weighted cryptographic techniques (i.e., digital signature and password-based encryption schemes) on the back-end server side instead of lightweight cryptographic techniques to address the security and privacy issues. The ITPMAP protocol is secure against various attacks such as cloning, spoofing, replay, and desynchronization attacks. Furthermore, as a proof of concept, the ITPMAP protocol is adopted to propose the design of three real-life RFID systems; namely: Signing and Verification of Graduation Certificate System, issuing and verification of e-ticketing system, and charging and discharging of prepaid card system. The Unified Modeling Language is used to demonstrate the design of the proposed ITPMAP protocol and systems. Java language is used for the implementation of the proposed systems. In addition, the “Mifare Classic” tags and readers are used as RFID apparatuses for the proposed systems.     

物联网加密技术研究

物联网是一种虚拟网络与现实世界实时交互的新型系统,随着物联网技术的迅猛发展,物联网终端的安全问题也逐渐被重视。文中通过分析物联网终端设备存在的认证、私隐等安全问题,针对终端设备计算能力、网络资源有限的特点,研究了基于IBE密钥参数协商和身份鉴别技术、轻量级加密算法和密码自同步技术,提出了将几种技术相结合的加密技术方案,并对这种方案的安全性进行了分析。     

标准模型下可证明安全的RFID双向认证协议

目前RFID(radio frequency identification)系统安全问题日益突出,为了实现RFID系统信息安全与隐私保护,在标准模型提出了一个基于HB协议的RFID双向安全认证协议。利用规约技术证明协议的安全性,将攻击者的困难规约到伪随机函数与真正随机函数的不可区分性上。协议仅使用轻量级的伪随机发生器以及向量点乘运算,具有较高的安全性和效率。通过从安全性及性能两方面与其他认证协议进行比较,表明协议适用于低成本及存储资源受限的RFID标签。