RFID认证协议安全性模型检测验证方法  被引量：1

作　　者：贾昊洲 徐鹏 王丹琛[1,3] 徐扬 Jia Haozhou;Xu Peng;Wang Danchen;Xu Yang(National-Local Joint Engineering Laboratory of System Credibility Automatic Verification,Chengdu 611756;School of Mathematics,Southwest Jiaotong University,Chengdu 611756;Sichuan Digital Economy Research Center,Chengdu 611756)

机构地区：[1]系统可信性自动验证国家地方联合工程实验室,成都611756 [2]西南交通大学数学学院,成都611756 [3]四川省数字经济研究中心,成都611756

出　　处：《信息安全研究》2024年第11期1043-1048,共6页Journal of Information Security Research

基　　金：中央高校基本科研业务费专项资金项目(2682021GF012)。

摘　　要：RFID技术作为物联网的核心技术,在各个领域中已被广泛应用.目前RFID系统频繁遭受安全威胁,主要原因在于RFID系统中的读取器和标签使用的是无线通信方式.RFID安全认证协议作为RFID系统通信安全保障的一种重要手段,其内在安全至关重要,同时形式化方法已成为当前提高协议内在安全的一种主要方法.针对典型的超轻量级双向认证RCIA协议,提出了一种通用的建模方法,并采用此方法为RCIA协议建立了SMV模型,通过NuSMV对该模型进行了安全性验证.实验结果确认了RCIA协议在一致性方面存在安全缺陷,进一步分析验证结果,并提供了缺陷相应的攻击路径.针对该缺陷,提出了一个通用的解决方案,并评估了其可行性.RFID technology,as the core technology of the Internet of Things,has been widely used in various fields.Currently,RFID systems frequently face security threats,mainly due to the wireless communication used by the readers and tags in RFID systems.RFID security authentication protocols,as an important means to ensure communication security in RFID systems,are crucial for their inherent security.Formal methods have become a major technical approach for enhancing the inherent security of protocols.A general modeling method is proposed for the typical ultra-lightweight mutual authentication RCIA protocol.Using this method,an SMV(symbolic model verification)model is established for the RCIA protocol,and security property verification is conducted on this model using NuSMV.Experimental results confirm the existence of security flaws in the consistency aspect of the RCIA protocol.Further analysis of the verification results is provided,along with corresponding attack paths for the flaws.A general solution is proposed for this flaw,and its feasibility is evaluated.

关 键 词：RFID 认证协议 模型检测 NUSMV 形式化验证 

分 类 号：TP399[自动化与计算机技术—计算机应用技术] TN915.04[自动化与计算机技术—计算机科学与技术]