基于切比雪夫混沌映射和PUF的RFID三方认证协议  

作　　者：徐森 刘佳鑫 杨硕 赵洋 Xu Sen;Liu Jiaxin;Yang Shuo;Zhao Yang(School of Computer Science&Technology,Shenyang University of Chemical Technology,Shenyang 110142,China;Liaoning Key Laboratory of Intelligent Technology for Chemical Process Industry,Shenyang 110142,China)

机构地区：[1]沈阳化工大学计算机科学与技术学院,沈阳110142 [2]辽宁省化工过程工业智能化技术重点实验室,沈阳110142

出　　处：《计算机应用研究》2024年第2期582-586,595,共6页Application Research of Computers

基　　金：辽宁省教育厅基本科研项目面上项目(LJKMZ20220782)。

摘　　要：针对射频识别(RFID)三方认证协议存在的安全需求和资源开销的平衡问题,利用切比雪夫多项式的半群性质以及混沌性质提出了一个基于切比雪夫混沌映射和物理不可克隆函数(PUF)的RFID三方认证协议:使用切比雪夫混沌映射来实现标签、阅读器和服务器三方共享秘密;使用随机数实现协议每轮会话的新鲜性以抵抗重放攻击,同时也实现了阅读器与标签的匿名性;使用PUF函数实现标签本身的安全认证以及抵抗物理克隆攻击。安全分析表明,该协议能有效抵抗追踪、重放、物理克隆和去同步攻击等多种恶意攻击,使用BAN逻辑分析方法和Scyther工具验证了其安全性。与近期协议对比分析表明,该协议弥补了同类RFID协议的安全缺陷,在满足各种安全属性需求的同时尽量平衡硬件开销,契合了RFID硬件资源受限的处境,适用于RFID三方认证场景。In order to balance the security requirements and resource costs of the three party authentication protocols for radio frequency identification(RFID),this paper proposed a protocol based on Chebyshev chaotic mapping and physical unclonable function(PUF),taking advantage of the semi-group property and chaotic property of Chebyshev polynomials.It used Chebyshev chaotic mapping to achieve secret sharing among tags,readers,and servers,and used random numbers to achieve freshness of each session which could resist replay attack,and also to realize the anonymity of readers and tags.It used the PUF function to achieve the authentication of the label and to resist physical cloning attacks.Security analysis shows that this protocol can effectively resist various malicious attacks such as tracking,replay,physical cloning,and de-synchronization attacks.Moreover,it verified the security properties of the protocol using formal methods,including BAN logic and Scyther tool.Compared with recent studies,this protocol compensates for the security deficiencies of similar RFID protocols,balancing hardware costs as much as possible while meeting various security attribute requirements,and still fitting the limited hardware resources of RFID.It is suitable for third-party authentication scenarios in RFID.

关 键 词：射频识别 物理不可克隆函数 切比雪夫混沌映射 三方认证 BAN逻辑 Scyther工具 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]