[1]范文兵,常正泰,艾璐琳,等.基于PUF的高安全性轻量级RFID三方认证协议[J].郑州大学学报(工学版),2023,44(02):46-52.[doi:10.13705/j.issn.1671-6833.2023.02.002]
 FAN Wenbing,CHANG Zhengtai,AI Lulin,et al.High-security Lightweight RFID Triple Authentication Protocol Based on PUF[J].Journal of Zhengzhou University (Engineering Science),2023,44(02):46-52.[doi:10.13705/j.issn.1671-6833.2023.02.002]
点击复制

基于PUF的高安全性轻量级RFID三方认证协议()
分享到:

《郑州大学学报(工学版)》[ISSN:1671-6833/CN:41-1339/T]

卷:
44卷
期数:
2023年02期
页码:
46-52
栏目:
出版日期:
2023-02-27

文章信息/Info

Title:
High-security Lightweight RFID Triple Authentication Protocol Based on PUF
作者:
范文兵 常正泰 艾璐琳 孔德涵
郑州大学 电气与信息工程学院,河南 郑州 450001

Author(s):
FAN Wenbing CHANG Zhengtai AI Lulin KONG Dehan
School of Electrical and Information Engineering, Zhengzhou University, 450001, Zhengzhou, Henan

关键词:
射频识别 物理不可克隆函数 二次剩余 三方认证 形式化分析
Keywords:
radio frequency identification physical unclonable function quadratic residue triple authentication
分类号:
TP309
DOI:
10.13705/j.issn.1671-6833.2023.02.002
文献标志码:
A
摘要:
针对射频识别(RFID)三方认证协议存在的安全需求和资源开销难以折中的问题,提出一种基于 PUF 的 高安全性轻量级 RFID 三方认证协议( PHL-RTAP) 。 PHL-RTAP 协议利用物理不可克隆函数( PUF) 实现对标签身 份的安全认证,保护标签免受物理克隆攻击,同时降低了标签开销,满足资源受限的 RFID 系统的需求;采用二次剩 余算法实现对阅读器身份的安全认证,保护阅读器的数据隐私;引入随机数抵抗重放攻击,同时保证了阅读器与标 签的匿名性和不可追踪性。 PHL-RTAP 协议实现了服务器、阅读器和标签之间完整的三方认证,可以依据需求扩 展 RFID 系统中阅读器和标签规模,使其适用于大规模标签的 RFID 系统。 安全分析表明:PHL-RTAP 协议能够有 效抵抗追踪、重放、物理克隆和去同步化等多种恶意攻击,使用 BAN 逻辑分析法和 AVISPA 工具证明了协议的安全 性。 与近期协议的对比分析显示:PHL-RTAP 协议弥补了同类 RFID 协议的安全缺陷,并且计算开销、通信开销和 标签存储开销等资源开销都较低,在保证高安全性的同时实现了轻量级,适用于资源受限的 RFID 三方认证场景。
Abstract:
To solve the difficult tradeoff between security requirements and resource cost in radio frequency identification (RFID) triple authentication protocol, a PUF-based high-security lightweight RFID triple authentication protocol ( PHL-RTAP) was proposed. Physical unclonable function ( PUF) was utilized to authenticate the tag identity for protecting the tag from physical cloning attacks and reducing the tag cost, meeting the demand of resource-constrained RFID system. The quadratic residual algorithm was adopted to secure the reader data privacy. Random numbers were introduced to resist replay attacks and ensure the anonymity and untraceability of tags and readers. The PHL-RTAP could realize a complete triple authentication between server, reader and tag, and expand the scale of readers and tags in RFID systems according to different requirements, so that it was suitable for large-scale tag RFID system. Security analysis showed that PHL-RTAP could effectively resist various malicious attacks such as tracking attacks, replay attacks, physical cloning attacks and desynchronization attacks. BAN logic analysis and AVISPA tool were used to verify the security of the protocol. Compared with recent protocols, PHL-RTAP could make up for the security defects of similar RFID protocols, and has low resource costs such as computing cost, tag storage cost, and communication cost. PHL-RTAP could achieve both high security and lightweight, and was suitable for resource-constrained RFID triple authentication scenarios.

参考文献/References:

[1] 范文兵, 李建华, 禹士鹏, 等. RFID 系统数据传输中 CRC 算法 的 分 析 与 实 现 [ J] . 郑 州 大 学 学 报 ( 工 学 版) , 2010, 31(2) : 97-101. 

FAN W B, LI J H, YU S P, et al. Analysis and implementation of CRC in RFID system[ J] . Journal of Zhengzhou University ( Engineering Science) , 2010, 31 ( 2) : 97-101.
 [2] 刘鹏, 张昌宏, 欧庆于. 基于 Hash 函数的移动射频识 别互认证安全协议设计[ J] . 计算机应用, 2013, 33 (5) : 1350-1352. 
LIU P, ZHANG C H, OU Q Y. Authentication protocol of mobile RFID based on Hash function [ J] . Journal of Computer Applications, 2013, 33(5) : 1350-1352.
 [3] 王国伟, 贾宗璞, 彭维平. 基于动态共享密钥的移动 RFID 双向认 证 协 议 [ J] . 电 子 学 报, 2017, 45 ( 3) : 612-618. 
WANG G W, JIA Z P, PENG W P. A mutual authentication protocol of mobile RFID based on dynamic shared-key [J]. Acta Electronica Sinica, 2017, 45(3): 612-618. 
[4] FARASH M S, NAWAZ O, MAHMOOD K, et al. A provably secure RFID authentication protocol based on elliptic curve for healthcare environments [ J] . Journal of Medical Systems, 2016, 40(7) : 165-173. 
[5] XIAO H N, ALSHEHRI A A, CHRISTIANSON B. A cloud-based RFID authentication protocol with insecure communication channels[ C] / / 2016 IEEE Trustcom / BigDataSE / ISPA. Piscataway: IEEE,2016: 332-339.
 [6] CHIEN H Y. SASI: a new ultralightweight RFID authentication protocol providing strong authentication and strong 52 郑 州 大 学 学 报 (工 学 版) 2023 年 integrity[ J] . IEEE Transactions on Dependable and Secure Computing, 2007, 4(4) : 337-340. 
[7] TIAN Y, CHEN G L, LI J H. A new ultralightweight RFID authentication protocol with permutation[ J] . IEEE Communications Letters, 2012, 16(5) : 702-705.
 [8] CHIOU S Y, CHANG S Y. An enhanced authentication scheme in mobile RFID system [ J] . Ad Hoc Networks, 2018, 71: 1-13.
 [9] 王利, 李二霞, 纪宇晨, 等. 基于 PUF 的抗物理克隆 RFID 安全 认 证 协 议 [ J] . 信 息 网 络 安 全, 2020, 20 (8) : 89-97. WANG L, LI E X, JI Y C, et al. PUF-based anti-physical cloning RFID security authentication protocol [ J ] . Netinfo Security, 2020, 20(8) : 89-97. [10] 尹魏昕, 贾 咏 哲, 高 艳 松, 等. 物 理 不 可 克 隆 函 数 ( PUF)研究 综 述 [ J ] . 网 络 安 全 技 术 与 应 用, 2018 (6) : 41-42, 54. 
YIN W X, JIA Y Z, GAO Y S, et al. Review of physical unclonable function ( PUF) [ J] . Network Security Technology & Application, 2018(6) : 41-42, 54.
 [11] 李永强, 刘兆伟. 基于区块链的车联网安全信息共享 机制设 计 [ J] . 郑 州 大 学 学 报 ( 工 学 版) , 2022, 43 (1) : 103-110. 
LI Y Q, LIU Z W. Blockchain-based secure data sharing mechanism design in the vehicular networks[ J] . Journal of Zhengzhou University ( Engineering Science) , 2022, 43(1) : 103-110. 
[12] CHANG Z T, SHI S S, SONG B W, et al. Modeling attack resistant arbiter PUF with time-variant obfuscation scheme [ C ] / / 2021 31st International Conference on Field-Programmable Logic and Applications ( FPL) . Piscataway: IEEE,2021: 60-63. 
[13] 周楠楠. RFID 系 统 中 无 源 标 签 的 伪 随 机 数 发 生 器 [D] . 西安: 西安电子科技大学, 2015. 
ZHOU N N. Pseudo random number generators in the passive tags of RFID system[D] . Xi′an: Xidian University, 2015. 
[14] DOSS R, ZHOU W L, YU S. Secure RFID tag ownership transfer based on quadratic residues[ J] . IEEE Transactions on Information Forensics and Security, 2013, 8 (2) : 390-401.
 [15] 杨世平. 安全协议及其 BAN 逻辑分析研究 [ D] . 贵 阳: 贵州大学, 2007. 
YANG S P. Security protocols and its BAN logic analysis [D] . Guiyang: Guizhou University, 2007. 
[16] VIGANÒ L. Automated security protocol analysis with the AVISPA tool [ J] . Electronic Notes in Theoretical Computer Science, 2006, 155: 61-86. 
[17] FAN K, ZHU S S, ZHANG K, et al. A lightweight authentication scheme for cloud-based RFID healthcare systems[ J] . IEEE Net

相似文献/References:

[1]范文兵,李建华,禹士鹏,等.RFID系统数据传输中CRC算法的分析与实现[J].郑州大学学报(工学版),2010,31(02):101.[doi:10.3969/j.issn.1671-6833.2010.02.024]
 FAN Wenbing,LI Jianhua,Yu Shipeng,et al.Analysis and implementation of CRC algorithm in RFID system data transmission[J].Journal of Zhengzhou University (Engineering Science),2010,31(02):101.[doi:10.3969/j.issn.1671-6833.2010.02.024]
[2]贺蕾,甘勇,尹毅峰,等.基于随机排列函数的RFID标签所有权转换协议[J].郑州大学学报(工学版),2013,34(06):24.[doi:10.3969/j.issn.1671-6833.2013.06.006]
 HELei,GAN Yong,YIN Yi-feng,et al.OwnershipTransferProtocol of RFIDTags Based onRandomPermutationFunctions[J].Journal of Zhengzhou University (Engineering Science),2013,34(02):24.[doi:10.3969/j.issn.1671-6833.2013.06.006]

更新日期/Last Update: 2023-02-25