一种基于字合成运算的射频识别双向认证协议

RFID系统由标签、读写器、后台数据库3部分组成,其中标签与读写器之间通过无线信道进行信息传输,存在易被攻击者截获通信信息的风险。提出一种基于字合成运算的射频识别双向认证协议。所提协议运用二次剩余定理对信息进行加密,增大破解难度;每轮通信加密过程中,随机数的添加使得前后通信消息均不一致,致使攻击者无法发起追踪攻击行为信消息加密过程中,同时采用字合成运算方法,能够有效减少RFID系统总的计算量;后台数据库端引入随机数校验机制,使系统能够有效抵抗异步攻击等攻击。安全性分析表明,基于字合成运算的射频识别双向认证协议具备较高的安全性;性能分析表明,协议具备轻行为量级计算量的标准。     

基于RFID技术的身份识别系统设计与实现

RFID射频识别是一种非接触式的自动识别技术,它通过射频信号自动识别目标对象并获取相关数据,识别工作无须人工干预,可工作于各种恶劣环境。RFID技术可识别高速运动物体并可同时识别多个标签,操作快捷方便。首先简要介绍了RFID技术的概念、优势以及RFID系统的组成和工作原理。并提出了一种基于RFID技术的身份识别系统,并提出标签的存储防静态分析和存储数据的访问控制;以及读卡器和标签之间的认证和密钥协商协议的方案,以满足身份识别的要求。     

基于无线SOC的RFID信息采集系统的设计

近年来,射频识别RFID技术快速发展,应用日益广泛.本文提出了一种基于TRF7960与片上系统CC1110的信息采集系统的设计方案.该系统具有多协议、防碰撞、多标签识别、数据无线收发功能,具备图形化人机界面及低成本和低功耗特点.本文详细描述了该系统的设计,包括读写器模块、无线传输模块与接口等硬件;软件则介绍了兼容多协议的读写器控制程序、防碰撞算法流程与无线传输功能的实现.实验表明,该系统功能齐全,操作简便,运行稳定.     

基于零知识证明的多实体RFID认证协议

物联网的发展对射频识别(RFID)系统的安全性能提出了越来越高的要求。虽然基于密钥阵列的RFID认证协议解决了传统RFID认证协议在多实体环境中存在的内部攻击问题,但基于交换实体身份信息的认证方式存在信息泄露的安全隐患。针对这一问题,设计了基于零知识证明的多实体RFID认证协议(MERAP)。该协议采用分布式密钥阵列抵御内部攻击,利用零知识证明方案实现双向认证时敏感身份信息零泄露。性能分析结果显示,MERAP协议在维持一定复杂度和标签成本的基础上,可抵抗包括重传、跟踪、拒绝服务和篡改等多种外部攻击和内部攻击。     

汽车数字化标准信源系统识读距离仿真

为实现汽车数字化标准信源系统的采集基站建设和标签安装的最优配置,对无源射频识别（RFID）车辆身份管理系统的识读距离进行了仿真计算。在读写器天线与标签天线远场图确定的条件下,对采集基站的架设参数,例如天线的安装倾角,仿真计算得到目标车辆通过固定式龙门架无源RFID采集基站时的可识读距离,并进行比较分析。为汽车数字化标准信源系统不同车型的标签安装位置以及采集基站的架设提供了参考依据。     

远距离RFID读写天线的研究

自动识别技术是将信息数据自动识读、自动输入计算机的一种重要方法。接触式识别易受恶劣环境影响且易受机械磨损,而射频识别（RFID）技术以非接触性解决卡中无源和免接触等难题。通过研究射频天线各种性能参数,提出一种远距离RFID读写天线的设计优化方法,使频率为13．56MHz,遵循ISO15693协议的RFID读写器有效读写距离拓展到30cm左右．实现RFID读写器的远距离读写功能。     

低压低功耗无源UHF RFID标签芯片模拟前端电路的设计

本文从设计符合EPCTM C1G2协议的超高频无源射频识别标签芯片的角度出发,对RFID标签芯片模拟前端电路进行设计.通过对各个关键电路的功耗与电源进行优化,实现了一个符合协议要求的低电压、低功耗的超高频无源RFID标签芯片的模拟前端.该UHF RFID标签模拟前端设计采用SMIC 0.18 μm EEPROM CMOS工艺库.仿真结果表明,标签芯片模拟前端的整体功耗控制在2.5 μW以下,工作电源可低至1 V,更好地满足了超高频无源射频识别标签芯片应用需求.     

物联网移动RFID系统匿名访问控制认证密钥交换协议

针对物联网移动RFID系统标签隐私信息的访问控制以及用户身份隐私保护问题,本文采用身份加密和属性加密相结合的方法,建立了IB-AB-eCK安全模型,设计了基于身份及属性的认证密钥交换协议IB-AB-AKE。基于IB-AB-AKE协议,提出了移动RFID手机与信息服务器之间认证密钥交换协议,实现了在保护移动RFID手机用户身份隐私的同时,根据标签所有者定制的访问控制策略进行标签信息的访问控制认证和会话密钥交换,防止了隐私信息被非法访问。分析表明,IB-AB-AKE协议在IB-AB-eCK模型下是安全的,且在通信次数、通信量及计算量方面具有优势。      

低功耗UHF频段RFID标签数字基带电路

通过对UHF频段EPC Global Class1 Generate2协议进行分析,详细论述了符合协议要求的被动式无源射频身份识别(RFID)标签的数字电路系统方案,并提出了一种新颖的、针对RFID标签的数字基带低功耗电路。在0.18 μm CMOS工艺环境下,使用Synopsys工具对电路进行前端综合和后端物理实现,同时对电路的功耗进行了简要的分析。仿真及测试结果表明,该标签数字基带电路功能符合协议要求。     

基于低级别读写器协议的无线射频识别中间件系统

无线射频识别（RFID）技术的应用在近年来取得了长足的发展。RFID中间件系统是RFID网络的重要组成部分,位于RFID应用系统和RFID读写器之间,是RFID标签信息的处理中枢。传统的RFID中间件系统对上层的RFID应用系统提供了统一的应用层事件（ALE）接口,但是和RFID读写器之间的连接则采用适配读写器厂商私有接口的方式,不利于快速构建RFID应用系统。基于低级别读写器协议（LLRP）的RFID中间件系统提供了标准的接口来接入不同厂商的读写器,大幅度地提高了构建RFID应用系统的效率。     

A Fully Integrated CMOS Security‐Enhanced Passive RFID Tag

A fully integrated CMOS security‐enhanced passive (SEP) tag that compensates the security weakness of ISO/IEC 18000‐6C is presented in this paper. For this purpose, we propose a security‐enhanced protocol that provides mutual authentication between tag and reader. We show that the proposed protocol meets the security demands of the ongoing international standard for RFID secure systems, ISO/IEC 29167‐6. This paper fabricates the SEP tag with a 0.18‐µm CMOS technology and suggests the optimal operating frequency of the CMOS SEP tag to comply with ISO/IEC 18000‐6C. Furthermore, we measure the SEP tag under a wireless environment. The measured results show that communications between the SEP tag and reader are successfully executed in both conventional passive and SEP modes, which follow ISO/IEC 18000‐6C and the proposed security enhanced protocol, respectively. In particular, this paper shows that the SEP tag satisfies the timing link requirement specified in ISO/IEC 18000‐6C.     

Security analysis of two lightweight RFID authentication protocols

One of the key problems in radio frequency identification (RFID) is security and privacy. Many RFID authentication protocols have been proposed to preserve security and privacy of the system. Nevertheless, most of these protocols are analyzed and it is shown that they cannot provide security against some RFID attacks. Strong authentication and strong integrity (SASI) is the first ultra-lightweight authentication protocol introduced rotation shift operation and RFID authentication protocol with permutation (RAPP) is a new ultra-lightweight authentication protocol with permutation. In this paper, we give the security analysis on these two protocols. An active attack is presented on RAPP, and using the property of the left rotation and permutation operations, we can deduce the relationship of bits of random number or secret keys at different positions, thus obtain all the secrets shared by the reader and the tag. A passive full-disclosure attack is proposed on SASI. Using SASI’s construction weakness, our attack can reveal all the secrets shared by the reader and tag by eavesdropping about 48 rounds of the authentication messages.     

A 2.45-GHz Near-Field RFID System With Passive On-Chip Antenna Tags

The design of a 2.45-GHz near-field RF identification (RFID) system with passive on-chip antenna (OCA) tags is very challenging as the efficiency of RF power conversion is very low. It poses multidisciplinary research challenges such as ultra-low-power circuits design, semiconductor process technology, and integrated antenna design. This paper describes the designs of such an RFID system, the reader, and OCAs, as well as the passive tag integrated circuits in detail. The passive tag chip with 128-bit nonvolatile memory has been realized using CMOS 0.13- technology. The OCA is fabricated on top of the chip using post-processing technology. The complete RFID tag with an integrated OCA is smaller than 0.5- with a thickness of 0.1 mm. With the reader generating an output power of 0.5 W, the RFID system is able to perform with RF read/write functions at a distance of .     

基于动态共享密钥的移动RFID双向认证协议

针对移动无线射频识别认证协议面临的身份认证和隐私保护、动态密钥安全更新和去同步化攻击问题,提出一种可动态更新共享密钥的移动RFID双向认证协议.协议基于Hash密码机制,利用随机数同时进行密钥安全更新和身份认证,并采用对分表存储的当前和历史共享密钥进行动态添加和删除的方法,保留最后一次合法认证后的一致共享密钥.安全性能分析与效率分析表明,该协议能够实现动态密钥安全更新和身份认证、能够在遭受去同步化攻击后保证密钥同步,且具有较强的计算和存储性能.通过和同类RFID认证协议比较,协议弥补了同类RFID协议存在的不足,适用于被动式标签数量庞大的RFID系统.     

基于Edwards曲线的移动RFID安全认证协议

针对传统的RFID认证协议通常难以适应移动RFID系统的问题,提出了基于Edwards曲线的适用于移动RFID系统的安全认证协议,协议采用Edwards曲线提高了其防侧信道攻击的能力,并应用椭圆曲线离散对数问题实现安全认证。进一步采用可证明安全方法给出了标签和阅读器不可跟踪隐私的安全性证明,通过安全性分析指出协议能更有效抵抗已有各种攻击。与现有的结构类似RFID认证协议相比,该协议扩展性更好,安全性和性能优于其他方案。     

Hardware implementation of tag-reader mutual authentication protocol for RFID systems

Radio-frequency identification (RFID) is a recent technology that utilizes radio frequencies to track the object by transmitting a signal with a unique serial identity. Generally, the drawbacks of RFID technology are high cost and authentication systems between a reader and a tag become weak. In this paper, we proposed a protocol for RFID tag–reader mutual authentication scheme which is hardware efficient and consumes less dynamic power. Truncated multipliers are implemented in RFID tag–reader mutual authentication protocol system due to reduction in hardware cost and dynamic power. Experimental evaluation reveals that the proposed protocol with truncated multipliers provides more security than the earlier schemes. The proposed protocol is described in VHDL and simulated using Altera Quartus II. The functional block is implemented as hardware using an Altera DE2 Cyclone II (EP2C35F672C6) Field-Programmable Gate Array (FPGA).     

A practical quadratic residues based scheme for authentication and privacy in mobile RFID systems

In this paper we propose a novel approach to authentication and privacy in mobile RFID systems based on quadratic residues and in conformance to EPC Class-1 Gen-2 specifications. Recently, Chen et al. (2008) [10] and Yeh et al. (2011) [11] have both proposed authentication schemes for RFID systems based on quadratic residues. However, these schemes are not suitable for implementation on low-cost passive RFID tags as they require the implementation of hash functions on the tags. Consequently, both of these current methods do not conform to the EPC Class-1 Gen-2 standard for passive RFID tags which from a security perspective requires tags to only implement cyclic redundancy checks (CRC) and pseudo-random number generators (PRNG) leaving about 2.5k–5k gates available for any other security operations. Further, due to secure channel assumptions both schemes are not suited for mobile/wireless reader applications. We present the collaborative authentication scheme suitable for mobile/wireless reader RFID systems where the security of the server–reader channel cannot be guaranteed. Our schemes achieves authentication of the tag, reader and back-end server in the RFID system and protects the privacy of the communication without the need for tags to implement expensive hash functions. Our scheme is the first quadratic residues based scheme to achieve compliance to EPC Class-1 Gen-2 specifications. Through detailed security analysis we show that the collaborative authentication scheme achieves the required security properties of tag anonymity, reader anonymity, reader privacy, tag untraceability and forward secrecy. In addition, it is resistant to replay, impersonation and desynchronisation attacks. We also show through strand space analysis that the proposed approach achieves the required properties of agreement, originality and secrecy between the tag and the server.     

一种基于散列函数的RFID安全认证方法

RFID系统中有限的标签芯片资源,导致数据与信息的安全成为RFID系统的重要问题之一,散列函数的单向性为RFID的识别和认证提供了一种既可靠又有效的途径.在分析了现有几种典型散列认证协议的基础上,提出了一种新的基于散列函数的安全认证协议.本协议旨在解决手持式、无线连接的RFID阅读器与标签、服务器间的识别,利用散列函数实现服务器、阅读器以及电子标签三者之间的相互认证.经过安全性与性能的分析,新协议在采用较小的存储空间和较低的运算开销的情况下,可抵抗已知的大多数攻击,有效地保证了RFID系统中数据和隐私的安全,实现了终端与服务器间的双向认证和匿名认证,非常适合于在大型分布式系统中使用.     

基于伪随机函数的RFID系统双向认证协议

移动RFID系统中,读写器与后台数据库之间不再通过有线方式通信,而采用无线方式通信,但也存在一定的安全隐患问题。为确保通信数据的安全,提出一种基于伪随机函数的移动RFID双向认证协议。协议确保标签、读写器、后台数据库三方均进行认证,从而保障通信的安全性;采用字合成等位运算,在一定程度上能够减少总的计算量;三方认证,使得移动RFID系统具备更为广泛的运用价值。安全性及性能分析表明,所提协议具有较高的安全性及较低的成本。     

Tree-LSHB+: An LPN-Based Lightweight Mutual Authentication RFID Protocol

In this paper, we propose an enhancement of the Tree-based authentication protocol, named as the Tree-LSHB+ protocol. The protocol is a lightweight authentication protocol that is suitable for use in radio frequency identification (RFID) systems. Compared with the Tree-based HB authentication protocol, our protocol provides mutual authentication in authentication stage. The authentication keys stored in the reader and the tag are also updated when the mutual authentication succeeds. It means that two drawbacks can be avoided in the Tree-based authentication protocol, one is that only the reader authenticates the tag and the other is that the secret keys stored in the tags remain unchanged all the time. We also improve the performance of Tree-based protocol with the property of Toeplitz matrix and find that the Tree-LSHB+ protocol is still a good choice for RFID authentication.