一种采用双层校验的RFID离线匿名群证明协议  

作　　者：周志彬 王国军[2,3] 刘琴[4] 贾维嘉 Zhou Zhibin;Wang Guojun;Liu Qin;Jia Weijia(College of Information Science and Engineering, Hunan Normal University, Changsha 410012;School of Information Science and Engineering, Central South University, Changsha 410083;School of Computer Science and Educational Software, Guangzhou University, Guangzhou 510006;College of Computer Science and Electronic Engineering, Hunan University, Changsha 410082;Department of Computer Science and Engineering, Shanghai Jiao Tong University, Shanghai 200240)

机构地区：[1]湖南师范大学信息科学与工程学院,长沙410012 [2]中南大学信息科学与工程学院,长沙410083 [3]广州大学计算机科学与教育软件学院,广州510006 [4]湖南大学信息科学与工程学院,长沙410082 [5]上海交通大学计算机科学与工程系,上海200240

出　　处：《计算机研究与发展》2018年第12期2674-2684,共11页Journal of Computer Research and Development

基　　金：国家自然科学基金项目(61632009;61472451;61402161)~~

摘　　要：随着越来越多的物品被贴上RFID标签,用于证明若干具有一定关系的物品作为一个群组在同一时间、同一地点出现的群证明技术的应用日趋广泛.在RFID群证明技术中,如何在确保标签信息安全与隐私的同时,生成可靠的群证明,并提升协议的执行效率是当前的研究热点.为确保标签信息的安全与隐私,离线群证明协议往往仅由Verifier完成验证,Reader仅负责群证明信息的收集,降低了协议对于非法群证明的响应速度,为提高系统的群证明效率,抵御拒绝服务(deny of proof,DoP)攻击,提出了一种采用双层校验的RFID离线匿名群证明协议AGPDL,使用椭圆曲线加密,通过二次校验的方法,授权Reader在标签匿名的情况下预先进行群证明的有效性验证,然后再由Verifier完成最终的群证明校验,并确认标签身份.通过安全性分析与性能分析可知:AGPDL能够较好地保护标签信息的安全与隐私,抵御冒充攻击与重放攻击,并且防止Reader提交无效群证明带来的系统开销,具有较好的可扩展性.As more and more items are tagged with RFID tags.The grouping-proof technology which is used to produce a coexistence evidence with a group of related items is becoming more and more widely used.In the RFID grouping-proof protocol,how to generate reliable grouping-proof without threat to the tag information security and how to improve the protocol efficiency are search hotspots in RFID security area.In the off-line grouping-proof protocol,the proof data generally verified by the verifier to guarantee the privacy and security of tag information,the reader is only used to collect the grouping proof data,which cut down the responding speed to the illegal proof data in protocol.To enhance the grouping-proof efficiency and prevent DoP(deny of proof)attack,a RFID anonymous grouping-proof protocol using dual-layer verification(AGPDL)has been proposed.The AGPDL uses the elliptic curve cryptosystem as an encryption means.In this protocol,dual-layer verification is used.Reader are authorized to verify the validity of group-proof without knowing the identity of tags.After that,the final verification process and tag authentication are finished by the verifier in background server.Through the security and performance analysis,the AGPDL can provide the security and privacy about tag s information,prevent the replay and impersonate attack,Furthermore,it has the ability to prevent the system overhead caused by invalid submission of grouping-proofs from reader with better scalability.

关 键 词：RFID安全 隐私 群证明 匿名性 椭圆曲线密码 

分 类 号：TP391[自动化与计算机技术—计算机应用技术]