基于云的RFID相互认证协议  被引量：4

作　　者：陈萌萌 董庆宽[1] 李璐璐 CHEN Meng-Meng;DONG Qing-Kuan;LI Lu-Lu(State Key Laboratory of Integrated Services Networks, Xidian University, Xi＇an 710071, China)

机构地区：[1]西安电子科技大学综合业务网理论及关键技术国家重点实验室,西安710071

出　　处：《密码学报》2018年第3期231-241,共11页Journal of Cryptologic Research

基　　金：国家自然科学基金项目(61373172)~~

摘　　要：随着物联网及云计算的发展,大量物品依靠RFID技术接入互联网.基于云的RFID系统采用按需租用云数据库的方式,可以降低系统维护成本,较好的适应了中小企业的需要,因而得到广泛的关注.然而,在基于云的RFID系统中,安全和隐私问题更为严重,阅读器和云数据库之间的链路不再安全,标签身份以及RFID数据的隐私都不能暴露给云服务提供商.本文提出了一种基于云的RFID相互认证协议,该协议基于Hash函数设计,既实现了阅读器对标签的认证,也实现了标签对阅读器的认证,同时保障了阅读器和云数据库之间数据传输的安全性,还可以保护阅读器的匿名性,降低标签的计算复杂度.安全性分析表明,该协议满足不可追踪性、前向安全性、抗重放攻击、抗去同步化攻击、抗拒绝服务攻击等安全特性.BAN逻辑的形式化分析进一步表明该协议满足相互认证性,且可以抵抗重放攻击,同时,本文对其他几个安全特性进行了分析证明.与其他几个基于云的方案比较,该方案在标签计算量以及整个协议的通信量上有较好的性能优势.With the development of the Internet of things and cloud computing, a large number of objects access to the internet through RFID technology. Cloud-based RFID system adopts the way of renting cloud database on demand, which can reduce the costs of system maintenance, the system is very suitable for the small and medium-sized enterprises, therefore, it gets wide attention. However,the security and privacy problems of cloud-based RFID systems are more serious, the link between the reader and the cloud database is no longer secure, the tag identity and data privacy of RFID cannot be exposed to cloud service providers. This paper proposes a cloud-based RFID mutual authentication protocol, the protocol is designed based on the hash function, it realizes the authentication between the reader and tag, at the same time, it ensures the security of the data transmission between the reader and cloud database, moreover, it can protect the anonymity of the reader, and reduce the computational complexity of the tag. Security analysis shows that the protocol satisfies security requirements,such as untraceability, forward security, withstand replay attack, de-synchronization attack and denial of service attack, etc. The formally analysis with BAN logic further indicates the protocol satisfies the mutual authentication, and can withstand replay attack, at the same time, the paper analyses and proves other security requirements. Compared with other several cloud-based schemes, the proposed protocol has advantages in tag＇s computation cost and communication cost of the whole protocol.

关 键 词：RFID 云数据库 认证协议 BAN逻辑 

分 类 号：TP309.7[自动化与计算机技术—计算机系统结构]