面向RFID的轻量级双向认证协议  被引量：2

作　　者：贺嘉琦 彭长根[1,2,3] 付章杰 许德权[1,2] 汤寒林 HE Jiaqi;PENG Changgen;FU Zhangjie;XU Dequan;TANG Hanlin(State Key Laboratory of Public Big Data,Guizhou University,Guiyang 550025,China;College of Computer Science and Technology,Guizhou University,Guiyang 550025,China;Guizhou Big Data Academy,Guizhou University,Guiyang 550025,China;School of Computer Science,School of Cyberspace Security,Nanjing University of Information Science&Technology,Nanjing 210044,China;Guizhou Data Pay Network Technology Co.,Ltd.,Guiyang 550025,China)

机构地区：[1]贵州大学公共大数据国家重点实验室,贵阳550025 [2]贵州大学计算机科学与技术学院,贵阳550025 [3]贵州大学贵州省大数据产业发展应用研究院,贵阳550025 [4]南京信息工程大学计算机学院、网络空间安全学院,南京210044 [5]贵州数据宝网络科技有限公司,贵阳550025

出　　处：《计算机工程与应用》2023年第18期268-277,共10页Computer Engineering and Applications

基　　金：国家自然科学基金(U1836205);贵州省科技计划项目(黔科合平台人才[2020]5017)。

摘　　要：为了提高无线射频识别(RFID)系统执行身份认证的效率和解决通信双方身份隐私保护问题,提出一种新的轻量级RFID双向认证协议,该协议主要采用ECC密码算法和Hash函数。基于Hash函数、ECC密码算法与或运算,使用随机数生成器生成不可预测的消息认证码以保障双向认证时传输消息的新鲜性;通过椭圆曲线加密算法隐藏通信双方的真实身份,基于ECDLP(椭圆曲线离散对数问题)困难问题,在保证身份隐私的前提下,采用两轮消息交互的模式让通信双方相互验证新鲜的消息认证码来实现协议的双向认证;通过指定密钥种子协商出标签和服务器的共享会话密钥,并设计密钥自动更新机制以实现双方的密钥同步。与部分典型的双向认证协议进行分析对比,所提出的双向认证协议相较同类的双向认证协议最多节省近40%的计算时间和25%的存储空间,并且能够支持多种安全需求和抵抗不同的恶意攻击。In order to improve the efficiency of identifying authentication in radio frequency identification(RFID)system and solve the problem of protecting privacy of communication participants,a novel lightweight RFID bidirectional authen-tication protocol is proposed.The protocol adopts ECC cryptographic algorithm and Hash function.Firstly,based on Hash function,ECC cryptographic algorithm and or operation,the random number generator is used to generate the unpredict-able message authentication code to ensure the freshness of transmitted information during bidirectional authentication.Then,the real identity of the communication participants is hidden via using elliptic curve encryption algorithm.Based on ECDLP difficult problem and ensuring the identity privacy,the protocol adopted two rounds of message interaction mode for the communication participants to verify the fresh message authentication code,so as to achieve the bidirectional authen-tication.Finally,the shared session key of the tag and server is negotiated by specifying the key seed.The automatic rekey-ing mechanism is designed to realize the key synchronization between the two participants.In comparison with some typi-cal bidirectional authentication protocols,the proposed bidirectional authentication protocol can save the computation time by up to 40%and the storage space by up to 25%.In addition,it can support the multiple security requirements and resist different malicious attacks.

关 键 词：HASH函数 椭圆曲线加密算法(ECC) 无线射频识别(RFID) 双向认证协议 安全性分析 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]