可证明安全的轻量级RFID所有权转移协议  被引量：11

作　　者：陈秀清 曹天杰[2] 翟靖轩[2] 

机构地区：[1]徐州医科大学医学信息学院,徐州221008 [2]中国矿业大学计算机科学与技术学院,徐州221008

出　　处：《电子与信息学报》2016年第8期2091-2098,共8页Journal of Electronics & Information Technology

基　　金：国家自然科学基金(61303263);江苏省第四期"333高层次人才培养工程"科研项目(BRA2014047);江苏省"六大人才高峰"科研项目(2014-WLW-023)~~

摘　　要：设计安全的无线射频识别协议有助于实现"智慧城市"的规划和构建完善的智慧网络。安全的RFID所有权转移协议要求同时具备安全性和隐私性,标签的前向不可追踪性和后向不可追踪性是RFID系统实际应用中需要考量的两个重要的隐私性能。针对现有供应链系统中所有权转移协议存在的各种安全隐私问题,该文改进了原有前向不可追踪性定义的错过密钥更新过程的不合理的假设,提出了强前向不可追踪性的概念。提出了一个基于二次剩余定理的轻量级RFID所有权转移协议,并使用改进的模型和定义形式化证明了协议的安全性和隐私性。证明结果表明新方案既可以抵御内部读卡器恶意假冒攻击,追踪攻击,标签假冒攻击和异步攻击,又满足强前向不可追踪性和后向不可追踪性等隐私性能;新协议在实现低成本和高效率认证的基础上,比其他协议安全性和隐私性更好。In order to implement the “wisdom city” planning and build perfect wisdom network, it is important to design the security Radio Frequency IDentification （RFID） protocol. A secure RFID ownership transfer protocol should be evaluated in terms of the security and privacy properties. In particular, there are two important privacy properties included forward untraceable and backward untraceable in the practical application of RFID system. In order to solve the various security and privacy problems, this paper enhances the unreasonable assumption that the attacker misses the key-update session in the definition of forward untraceable, then proposes the definition of strong forward untraceable. In addition, this paper designs the lightweight RFID ownership transfer protocol based on quadratic residues, and uses the enhanced model and definitions to formal prove the security and privacy properties. Moreover, the proof results not only show that the scheme resists against inner reader malicious im-personation attack, tracing attack, tag impersonation attack and desynchronization attack, but also formally prove that the proposed protocol meets strong forward untraceable and backward untraceable properties. In addition, the analysis results demonstrate that the protocol based on low-cost and high efficiency is superior to other protocols in the security and performance properties.

关 键 词：无线射频识别 所有权转移协议 强前向不可追踪性 后向不可追踪性 二次剩余定理 

分 类 号：TP391.45[自动化与计算机技术—计算机应用技术]