A Low-Cost RFID Authentication Protocol Against Desynchronization with a Random Tuple

Radio frequency identification (RFID) technology will become one of the most popular technologies to identify objects in the near future. However, the major barrier that the RFID system is facing presently is the security and privacy issue. Recently, a lightweight anti-desynchronization RFID authentication protocol has been proposed to provide security and prevent all possible malicious attacks. However, it is discovered that a type of desynchronization attacks can successfully break the proposed scheme. To overcome the vulnerability under the desynchronization attacks, we propose a low-cost RFID authentication protocol which integrates the operation of the XOR, build-in CRC-16 function, permutation, a random tuple and secret key backup technology to improve the security functionality without increasing any cost than the utralightweight protocols. The analysis shows that our proposal has a strong ability to prevent existing malicious attacks, especially the desynchronization attacks.     

一种RFID标签信息安全传输协议

针对在射频识别（RFID）标签资源受限条件下的标签信息安全传输与隐私保护问题,提出了一种能够实现对RFID标签信息安全传输的协议,该协议能够实现后端数据管理系统对读写器和标签的认证,以及实现密钥的分发,实现标签数据的安全传输。然后采用形式化分析的方法,对该协议进行了分析,分析了其具有的安全属性、抗攻击属性以及其他属性。最后对该协议与传统基于Hash机制的多种协议进行了分析比较,分析结果认为,该协议具有比传统基于Hash机制的协议具有更多的安全属性和抗攻击属性,同时具有适度的运算量,能够满足现有很多场合的应用条件。     

一种轻量级隐私保护的RFID群组证明协议

设计高效安全的群组证明协议有利于RFID(Radio Frequency Identification)系统的广泛应用.本文提出了一种轻量级隐私保护的RFID群组证明协议LPGP(Lightweight Privacy-Preserving Grouping Proof),LPGP协议只使用计算复杂度比较小的伪随机发生器和散列运算来提高协议的运行效率,并且LPGP协议具有认证性、隐私性和可证明安全性,满足了RFID系统群组证明协议的安全性要求.与现有的群组证明协议相比,LPGP协议的标签只需较小的计算复杂度和存储空间,具有较高的效率.     

A Gen2-Based RFID Authentication Protocol for Security and Privacy

EPCglobal Class-1 Generation-2 specification (Gen2 in brief) has been approved as ISO18000-6C for global use, but the identity of tag (TID) is transmitted in plaintext which makes the tag traceable and clonable. Several solutions have been proposed based on traditional encryption methods, such as symmetric or asymmetric ciphers, but they are not suitable for low-cost RFID tags. Recently, some lightweight authentication protocols conforming to Gen2 have been proposed. However, the message flow of these protocols is different from Gen2. Existing readers may fail to read new tags. In this paper, we propose a novel authentication protocol based on Gen2, called Gen2^{+}, for low-cost RFID tags. Our protocol follows every message flow in Gen2 to provide backward compatibility. Gen2^{+} is a multiple round protocol using shared pseudonyms and Cyclic Redundancy Check (CRC) to achieve reader-to-tag authentication. Conversely, Gen2^{+} uses the memory read command defined in Gen2 to achieve tag-to-reader authentication. We show that Gen2^{+} is more secure under tracing and cloning attacks.     

RFID安全认证协议HSAP的分析及改进

随着RFID系统应用的不断扩大,RFID的安全问题也越来越受到人们的关注,基于Hash Lock的RFID安全协议以其低成本的优势得到了广泛的应用,但其安全性能尚不完善。在分析已有的Hash Lock安全协议的基础上,提出了一种基于HSAP的改进协议,通过对其分析可知,改进的协议IHSAP能够保证内容隐私、防止位置跟踪攻击、防止会话劫持攻击、抵抗重放攻击、防止假冒攻击,是一种性能较好的协议,在实际的环境中有一定的实用价值。     

移动自组网中基于声誉机制的安全路由协议设计与分析

移动自组网是一种有特殊用途的对等式网络,具有无中心、自组织、可快速展开、可移动等特点,这些特点使得它在战场、救灾等特殊场合的应用日渐受到人们的重视.由于在移动自组网络中每节点既是主机又是路由器,所以容易遭受基于路由信息的攻击,而现今的路由协议基本没有考虑到该问题.本文在分析移动自组网络安全特性的基础上,综述了该方面的研究工作,建立了基于声誉机制评价体系,并给出了具体的评价方法和计算模型.在此基础上,提出了基于声誉机制的安全路由协议S-DSR.仿真结果表明在存在攻击节点的情况下S-DSR协议比DSR协议具有更好的包传输率、包丢失率等属性.     

基于Hash协议的射频识别系统安全对策

RFID巨大的市场潜力和广阔的发展空间使人们不得不考虑其安全应用问题。文章分析了射频识别系统的不安全因素和可能遭受的非法攻击的环节,给出了几种基于Hash协议的射频识别系统安全解决方案。     

一种基于部分ID的新型RFID安全隐私相互认证协议

在低成本电子标签中实现安全隐私功能是RFID研究领域需要解决的一项关键技术,该文采用部分ID,CRC校验以及ID动态更新的方法,提出一种新型RFID相互认证协议,该协议具有前向安全性,能够防止位置隐私攻击、重传攻击、窃听攻击和拒绝服务攻击,新协议有效地解决了RFID安全隐私问题,并且符合EPC Class1 Gen2标准,它的硬件复杂度较低,适用于低成本电子标签.     

基于口令认证的RFID系统安全协议及其BAN逻辑分析

本文提出一种新的基于口令认证的RFID系统安全协议.该方法充分利用RFID低等级标签提供的有限资源:访问口令(PW)、标签的标识码(ID)和伪随机函数等建立RFID系统读写器和标签双向认证的安全协议,对该协议抵抗各种攻击的安全性进行理论分析并对该协议的认证功能进行BAN逻辑的形式化分析.结果表明该协议能够有效抵御在线和离线字典攻击、伪装攻击、重放攻击以及流量分析和跟踪攻击,因而解决了RFID系统的安全问题.     

基于时序关系的消息推理及安全协议符号迹分析

如何准确地描述敌意环境中的协议运行模型和在统一的框架下分析多种安全属性是安全协议形式化分析中的两个关键问题。提出了基于时序关系的消息推理,把实体的知识与协议的符号迹分析结合起来,构建了协议运行的一般模型。在此模型下,消息间的相互关系被用来统一多种安全属性的形式化表达,定义了相应的属性满足关系,提出了分析安全协议的一般框架。最后给出了一个实例分析,并指出该框架以后的研究方向。     

A Novel Protocol for Security of Location Based Services in Multi-agent Systems

Wireless Personal Communications - Multi-agent systems are automated form of software technology to enhance many applications in our life. However, this technology does not come along with embedded...     

基于SIP的分布式多方会议系统的安全解决方案

分析并归纳了基于扩展SIP协议的分布式会议系统的安全需求,并且提出了一套可行、有效的安全系统结构和具体解决方案。     

RFID的安全与隐私

无线射频识别(RFID)技术中的数据安全和个人隐私问题日益突出,成为了阻碍RFID进一步发展的"瓶颈"。解决该问题需要有切实可行的综合技术解决方案和完善的法规、政策解决方案。可采取的技术解决方案包括:杀死标签、法拉第网罩、主动干扰、阻止标签、哈希(Hash)锁、随机Hash锁、Hash链、重加密等。目前,找到一个既能保护用户隐私和数据安全又能维持低成本的解决方案非常重要,不仅如此,还需要完善的RFID安全与隐私保护法规、政策配合。     

Security Enhancements of a Mutual Authentication Protocol Used in a HF Full-Fledged RFID Tag

Radio Frequency IDentification (RFID) is used in many applications such as access control, transport, ticketing and contactless payment. The full-fledged High Frequency (HF) tags are the most popular RFID tags for these applications that require relatively high cost security operations. However, these HF tags are threatened by many passive attacks such as eavesdropping, desynchronization and ElectroMagnetic (EM) Side Channel Attacks (SCA). In this article, we propose the implementation and the validation of a full-fledged HF tag architecture using an enhanced mutual authentication protocol. This is achieved using a FPGA platform. Security analysis against Electromagnetic Attack (EMA) and desynchronization attacks on the original protocol are presented. Then enhancements at the protocol level are proposed to overcome these attacks. The implementation of these security enhancements shows a low overhead (+22 LUTs) compared to previous existing security hardware solutions (+598 LUTs).     

Security Analysis and Enhancement of the Most Recent RFID Protocol for Telecare Medicine Information System

Wireless Personal Communications - Radio-frequency Identification (RFID) schemes have been widely adopted in medical healthcare environments such as telecare medicine information system (TMIS)....     

针对RFID身份认证协议——ARAP协议的攻击及改进

证明了针对匿名RFID身份认证协议ARAP协议可以进行假冒伪造攻击,并提出了改进版的ARAP协议。攻击的实质在于协议中运用的异或运算会将相同的值消去,或者可以设计特定的随机数实现重放攻击。提出了一种新的运算操作———置换操作,并在改进版的ARAP协议中将原协议的部分异或运算改为置换操作。改进版的ARAP协议还能抵抗跟踪攻击、非同步攻击和重放攻击等。     

IPv6中的安全协议及安全问题

本文介绍了IPV6中的安全协议IPSEC,在网络层实现了认证和加密功能,指出了IPV6在安全方面仍然存在的多种安全威胁。     

A Resistant Quantum Key Exchange Protocol and Its Corresponding Encryption Scheme

The emergence of quantum computer will threaten the security of existing public-key cryptosystems, including the Diffie Hellman key exchange protocol, encryption scheme and etc, and it makes the study of resistant quantum cryptography very urgent. This motivate us to design a new key exchange protocol and eneryption scheme in this paper. Firstly, some acknowledged mathematical problems was introduced, such as ergodic matrix problem and tensor decomposition problem, the two problems have been proved to NPC hard. From the computational complexity prospective, NPC problems have been considered that there is no polynomial-time quantum algorithm to solve them. From the algebraic structures prospective, non-commutative cryptography has been considered to resist quantum. The matrix and tensor operator we adopted also satisfied with this non-commutative algebraic structures, so they can be used as candidate problems for resisting quantum from perspective of computational complexity theory and algebraic structures. Secondly, a new problem was constructed based on the introduced problems in this paper, then a key exchange protocol and a public key encryption scheme were proposed based on it. Finally the security analysis, efficiency, recommended parameters, performance evaluation and etc. were also been given. The two schemes has the following characteristics, provable security,security bits can be scalable, to achieve high efficiency, quantum resistance, and etc.     

A Novel RFID Tag Identification Protocol: Adaptive n-Resolution and k-Collision Arbitration

Since radio frequency identification (RFID) technology has become increasingly common in numerous applications, including large-scale supply chain management, improving the efficiency of RFID tag identification is an important task. In practical settings, the identification of RFID tags often occurs in a dynamic environment, in which tags move through a specific interrogation range. However, the literature contains few studies on the design of efficient identification protocols in dynamic environments. This study proposes a novel tag identification protocol that is particularly efficient in dynamic environments. the proposed protocol involves two anti-collision techniques: adaptive n-Resolution (AnR) and k-Collision Arbitration (kCA). These two techniques significantly improve the tag identification delay and communication overhead. This improvement is primarily due to the use of a newly designed challenge-response bit sequence mechanism and the information obtained from the previous tag identification procedure. As a result, AnR requires only a constant number of interrogation times regardless of the number of target tags, while kCA further improves the efficiency of tag identification with \(k\) -splitting collision arbitration. Rigorous analysis and simulation experiments show that this tag identification protocol significantly outperforms related methods (by at least 48.85 % identification delay and 23.87 % communication overhead can).