| 一种基于PUF的超轻量级RFID标签所有权转移协议 |
| |
| 引用本文: | 黄可可,刘亚丽,殷新春. 一种基于PUF的超轻量级RFID标签所有权转移协议[J]. 密码学报, 2020, 7(1): 115-133 |
| |
| 作者姓名: | 黄可可 刘亚丽 殷新春 |
| |
| 作者单位: | 扬州大学信息工程学院,扬州225127;扬州大学信息工程学院,扬州225127;江苏师范大学计算机科学与技术学院,徐州221116;扬州大学信息工程学院,扬州225127;扬州大学广陵学院,扬州225000 |
| |
| 基金项目: | 国家自然科学青年基金(61702237);国家自然科学基金(61472343);江苏省研究生科研与实践创新计划项目(XSJCX18_049);徐州市推动科技创新专项资金(KC18005);江苏省自然科学青年基金(BK20150241);江苏省高校自然科学基金(14KJB520010);江苏师范大学博士科研启动项目(14XLR035);江苏政府留学奖学金。 |
| |
| 摘 要: | 针对RFID标签所有权转移协议中存在的数据完整性受到破坏、物理克隆攻击、去同步攻击等多种安全隐私问题,新提出一种基于物理不可克隆函数(PUF)的超轻量级RFID标签所有权转移协议—PUROTP.该协议中标签所有权的原所有者和新所有者之间直接进行通信完成所有权转移,从而不需要引入可信第三方,主要涉及的运算包括左循环移位变换(Rot(X,Y))和异或运算($oplus$)以及标签中内置的物理不可克隆函数(PUF),并且该协议实现了两重认证,即所有权转移之前的标签原所有者与标签之间的双向认证、所有权转移之后的标签新所有者与标签之间的双向认证.通过使用BAN(Burrows-Abadi-Needham)逻辑形式化安全性分析以及协议安全分析工具Scyther对PUROTP协议的安全性进行验证,结果表明该协议的通信过程是安全的,Scyther没有发现恶意攻击,PUROTP协议能够保证通信过程中交互信息的安全性及数据隐私性.通过与现有部分经典RFID所有权转移协议的安全性及性能对比分析,结果表明该协议不仅能够满足标签所有权转移过程中的数据完整性、前向安全性、双向认证性等安全要求,而且能够抵抗物理克隆攻击、重放攻击、中间人攻击、去同步攻击等多种恶意攻击.在没有额外增加计算代价和存储开销的同时克服了现有方案存在的安全和隐私隐患,具有一定的社会经济价值.
|
| 关 键 词: | 物理不可克隆函数 超轻量级 所有权转移 无线射频识别 BAN逻辑 Scyther |
A PUF-based Ultra-lightweight Ownership Transfer Protocol for Low-cost RFID Tags |
| |
| HUANG Ke-Ke,LIU Ya-Li,YIN Xin-Chun. A PUF-based Ultra-lightweight Ownership Transfer Protocol for Low-cost RFID Tags[J]. , 2020, 7(1): 115-133 |
| |
| Authors: | HUANG Ke-Ke LIU Ya-Li YIN Xin-Chun |
| |
| Affiliation: | (College of Information Engineering,Yangzhou University,Yangzhou 225127,China;College of Computer Science and Technology,Jiangsu Normal University,Xuzhou 221116,China;Guangling College of Yangzhou University,Yangzhou 225000,China) |
| |
| Abstract: | Aiming at various security privacy issues such as data integrity destruction,physical cloning attacks,and desynchronization attacks on the RFID tag ownership transfer protocols,a PUF-based ultra-lightweight ownership transfer protocol for low-cost RFID tags is proposed in this study.In the proposed protocol,the current owner and the new owner of the tag communicate directly to complete the transfer of ownership,so that there is no need to rely on a trusted third party.Therefore,the main operations involved in this protocol include the left cyclic shift operation(Rot($X,Y$))and the bitwise XOR operation($oplus$)and the physical unclonable function operation(PUF)built into the tag.The protocol provides double authentication,which is reflected in the mutual authentication between the current owner of the tag and the tag before the completion of the ownership transfer of the tag,and the mutual authentication between the new owner of the tag and the tag after the completion of the transfer of the ownership of the tag.The security of the PUROTP protocol is verified by using BAN(Burrows-Abadi-Needham)logic formal security analysis and protocol security analysis tool Scyther.The analysis results show that the communication process of the protocol is secure and Scyther does not find malicious attacks.Therefore,the protocol can ensure the security of interactive information and data privacy in the process of communication.The comparison of security and performance with other existing classical RFID ownership transfer protocols shows that the protocol has strong security,and can meet the security requirements of data integrity,forward security,and mutual authentication,and private protection.The proposed protocol can resist multiple malicious attacks such as physical cloning attacks,replay attacks,man-in-the-middle attacks,and de-synchronized attacks.The PUROTP protocol overcomes the security and privacy risks of existing protocols without additional computational cost and storage overhead. |
| |
| Keywords: | physical unclonable function(PUF) ultra-lightweight ownership transfer radio frequency identification(RFID) BAN logic Scyther |
| 本文献已被 维普 万方数据 等数据库收录! |
|
