| RFID分布式密钥阵列认证协议的安全性分析 |
| |
| 引用本文: | 刘彦龙,白煜,滕建辅. RFID分布式密钥阵列认证协议的安全性分析[J]. 计算机工程与应用, 2014, 50(16): 72-76 |
| |
| 作者姓名: | 刘彦龙 白煜 滕建辅 |
| |
| 作者单位: | 天津大学 电子信息工程学院,天津 300072 |
| |
| 摘 要: | RFID技术已广泛地应用在诸如访问控制、支付系统、票务系统以及供应链管理等领域,但同时安全和隐私问题变得越来越严重。安全认证协议的设计与完善对于保护信息安全和用户隐私变得更加重要。2011年H.Ning等人提出分布式可扩展密钥阵列认证协议(KAAP),该协议采用分布式密钥阵列架构、访问列表机制和动态随机数机制来抵御系统外部攻击和内部假冒攻击。针对KAAP建立两种有效的攻击模型,在此基础上分析得出该认证协议不能有效地抵御来自外部的重放攻击和拒绝服务攻击。KAAP安全性存在漏洞,不能达到设计的预期目标。
|
| 关 键 词: | 外部攻击 密钥阵列 认证协议 射频识别 |
Security analysis of key array authentication protocol |
| |
| LIU Yanlong,BAI Yu,TENG Jianfu. Security analysis of key array authentication protocol[J]. Computer Engineering and Applications, 2014, 50(16): 72-76 |
| |
| Authors: | LIU Yanlong BAI Yu TENG Jianfu |
| |
| Affiliation: | School of Electronic and Information Engineering, Tianjin University, Tianjin 300072, China |
| |
| Abstract: | As the Radio Frequency IDentification(RFID) technology is widely applied in admission control, payment, ticketing and supply chain management, the security and privacy issues become more and more serious. So it is imperative to design authentication protocols to resist possible attacks and threats. 2011, H. Ning etc. proposed a scalable and distributed key array authentication protocol(KAAP), which uses the distributed key architecture, access list mechanism and dynamic random number mechanism to resist both external attacks and internal forgery attacks. In this paper, we proposed two effective attacks are proposed to against the KAAP, and attacks analysis shows KAAP fails to resist external attacks including replay attack and Denial of Service attack effectively. Therefore, KAAP has security vulnerability and can not achieve the expected goals. |
| |
| Keywords: | external attacks key array authentication Protocol Radio Frequency IDentification(RFID) |
| 本文献已被 CNKI 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
|
