CN104115442A - RFID bidirectional authentication method based on asymmetric secret key and Hash function - Google Patents

RFID bidirectional authentication method based on asymmetric secret key and Hash function Download PDF

Info

Publication number
CN104115442A
CN104115442A CN201380003846.4A CN201380003846A CN104115442A CN 104115442 A CN104115442 A CN 104115442A CN 201380003846 A CN201380003846 A CN 201380003846A CN 104115442 A CN104115442 A CN 104115442A
Authority
CN
China
Prior art keywords
hash function
label
function value
numeric string
reader
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201380003846.4A
Other languages
Chinese (zh)
Other versions
CN104115442B (en
Inventor
苑津莎
胡岳
戚银城
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
North China Electric Power University
Original Assignee
North China Electric Power University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by North China Electric Power University filed Critical North China Electric Power University
Publication of CN104115442A publication Critical patent/CN104115442A/en
Application granted granted Critical
Publication of CN104115442B publication Critical patent/CN104115442B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3242Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving keyed hash functions, e.g. message authentication codes [MACs], CBC-MAC or HMAC
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891Revocation or update of secret information, e.g. encryption key update or rekeying
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/80Wireless
    • H04L2209/805Lightweight hardware, e.g. radio-frequency identification [RFID] or sensor

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an RFID bidirectional authentication method based on an asymmetric secret key and a Hash function in the technical field of information security. The method comprises as follows: a reader sends request information to a label; after the label receives the request information, the label sends a label indentification symbol DID encrypted by a public key to the reader; the reader receives the label identification symol DID encrypted by the public key, decrypts the symbol via a private key, and obtains a label identification symbol ID; the reader obtains a digital string num used for Hash function verification according to the label identification symbol ID, and determining whether the label is a legal label; if the label is the legal label, the digital string num is updated. According to the method, the calculating amount of the label is not increased, the Hash function spying and attack are effectively avoided, the security of the updating of the digital string num is guaranteed, and the Hash conflict problem is solved.

Description

RFID mutual authentication method based on unsymmetrical key and Hash function
Technical field
The invention belongs to field of information security technology, relate in particular to a kind of based on unsymmetrical key and Hash letter
The RFID mutual authentication method of number.
Background technology
Internet of Things is the important component part of generation information technology." Internet of Things is exactly the connected the Internet of thing thing ", its user side extends and has expanded between any article and article, carries out information exchange and communicates by letter.Internet of Things is by the fusion application of Intellisense, recognition technology and general fit calculation, Ubiquitous Network, is the application extension of the Internet.
RFID of Internet-of-things system is generally comprised of three parts when carrying out authentication: be built in Internet of Things information system EPC Information System (EPC-IS), read write line (Reader), label (Tag) on the Internet.If the system of an enclose inside, EPC-IS can be substituted by local data base.
Communicating by letter between rfid interrogator and label undertaken by air interface, has potential safety hazard.The safety problem of rfid system itself can be summarized as privacy and two aspects of authentication: aspect privacy, be mainly traceability problem, research at present finds that the attack type that may suffer has in open rfid system: 1, eavesdropping; 2, label is followed the tracks of; 3, spoofing attack; 4, Replay Attack; 5, Denial of Service attack; 6, man-in-the-middle attack; 7, label-copying; 8, physical attacks; 9, location-based attack.
Based on to the considering of the aspects such as rfid system fail safe, availability, researched and proposed at present a variety of solutions and safeguard measure, mainly can be divided into physical mechanism, cipher mechanism and way that the two combines.Wherein, the security authentication mechanism based on cryptographic algorithm is because the advantages such as its fail safe become the research emphasis of researching and solving at present RFID safety problem.
Along with the development of RFID, up to the present, there is the typically RFID security protocol based on Hash function of many kinds.
Document 1 (S.Weis.Security and Privacy in Radio Frequency Identification Device.Master Thesis of MIT, Massachusetts USA, 2003) Hash lock (Hash-Lock) agreement has been proposed, it replaces real label ID by the cryptographic Hash of label ID, avoid leakage of information, but in agreement, there is no ID dynamic refresh mechanism, and the cryptographic Hash of ID remains unchanged, ID transmits by unsafe channel with form expressly, therefore Hash lock agreement is very easy to be subject to impersonation attack and replay attack, assailant also can be easy to label to follow the trail of.
Document 2 (S.Weis, S.Sarma, R.Rivest, etc.Security and Privacy Aspects of Low-Cost Radio Frequency Identification Systems.In:Proceedings of the First Security in Pervasive Computing, LNCS, 2004, 2802:201 1) randomization Hash lock (Random Hash-Lock) agreement proposed, solved the problem that in Hash lock, follow the tracks of position, but because pseudorandom number generator is integrated in label inside, it is more difficult that low-cost label is realized this scheme, and the read write line authenticating after passing through transmits in mode expressly tag identifier ID at insecure channels, therefore assailant can effectively follow the trail of label.Meanwhile, once obtain the identifier ID of label, assailant just can palm off label.
Document 3 (Mlyako Ohkubo, Koutarou Suzuki and Shingo Kinoshita., Cryptographic Approach to Privacv-Friendly Tags.http: //www.r_dprivacy.org/2003/papers.ohkubo.pdf) proposed Hash chain, label has autonomous updating ability, there is indistinguishability and forward security, avoided the tracking, personation and the Replay Attack that because of fixing output, cause.But agreement is unilateral authentication agreement, can not make the legal identity of smart-tag authentication read write line.For realizing agreement, in label, integrated two Hash functions, have increased cost.And while authenticating, from database, read N record in a database that has a N label ID, 2N time Hash calculates and N comparison.Computer is processed load linear increase with the increase of the contained certified number of times of label, so the method is not suitable for existing the Internet of Things EPC-IS database environment of a large amount of radio-frequency (RF) tag.
Document 4 (Henrici D, Muller P.Hash-based enhancement of location privacy for radio-requency identification devices using varying identifiers.In:Proceedings of the2 ndiEEE Annual Conference on Pervasive Computing and Communications Workshops, Washington, DC, USA, 2004:149-153) ID having proposed based on Hash function changes agreement, increased the dynamic refresh mechanism of label ID, used a random number R to carry out dynamic refresh to label identifier, made the ID exchange message in session each time not identical.But between twice renewal ID, also exist the problem that place privacy is revealed.And, attacker sends an inquiry instruction to label, record the response of label, again this response is issued to legal read write line, be easy to make background end to upgrade ID, thereby make the data in label and database asynchronous, label cannot cannot correctly be identified by read write line in communication afterwards, can not prevent man-in-the-middle attack.
The basic ideas of these agreements are all as virtual ID, to reply the inquiry of reader with the Hash functional value of label identifier.Also have at present some research approaches to use unsymmetrical key, but need in label, carry out encryption and decryption complete authentication, has increased the computational burden of label, is difficult to realize for low-cost label.
Summary of the invention
The object of the invention is to, propose a kind of RFID mutual authentication method based on unsymmetrical key and Hash function, the problem existing for solving the existing RFID security protocol based on Hash function.
To achieve these goals, the technical scheme that the present invention proposes is that a kind of RFID mutual authentication method based on unsymmetrical key and Hash function, is characterized in that described method comprises:
Step 1: reader sends request information to label;
Step 2: label is received after solicited message, sends with the label identifier DID of public key encryption to reader;
Step 3: reader is received the label identifier DID of public key encryption and with private key deciphering, obtained label identifier ID;
Step 4: reader, according to label identifier ID, is searched the numeric string num that label identifier ID is corresponding, and judged that whether label is legal label, if label is legal label, performs step 5 in the database connecting with reader; Otherwise label is illegal label, finish verification process;
Step 5: upgrade numeric string num.
Described step 4 comprises:
Step 101: reader is transmitted to database label identifier ID, database root is searched numeric string Dnum after its corresponding public key encryption and the Item Information DM after public key encryption according to label identifier ID, and the Item Information DM after the numeric string Dnum after described public key encryption and public key encryption is sent to reader;
Step 102: reader respectively to the numeric string Dnum after public key encryption and the deciphering of the Item Information DM after public key encryption, obtains numeric string num and Item Information M with private key;
Step 103: reader produces the first random number R 1and calculate the first hash function value H 1=H (num||R 1), then by the first random number R 1send to label; Wherein, H () represents Hash functional operation, and " || " represents that front and back character string connects or displacement computing;
Step 104: label is received the first random number R 1after, calculate the second hash function value H 2=H (num||R 1) and the second hash function value H 2send to reader;
Step 105: reader is received the second hash function value H 2after, judgement the second hash function value H 2with the first hash function value H 1whether equate, if the second hash function value H 2with the first hash function value H 1unequal, judge that label is as illegal label; If the second hash function value H 2with the first hash function value H 1equate, label is legal label.
Described renewal numeric string num comprises:
Step 201: reader produces the second random number R 2and calculate the 3rd hash function value H 3=H (num||R 2);
Step 202: reader sends and comprises the 3rd hash function value H 3, the second random number R 2with the first Frame that upgrades numeric string num order to label;
Step 203: label is received described the first Frame, calculates the 4th hash function value H 4=H (num||R 2); By the 4th hash function value H 4with the 3rd hash function value H 3compare, if the 4th hash function value H 4with the 3rd hash function value H 3unequal, finish verification process; If the 4th hash function value H 4with the 3rd hash function value H 3equate, perform step 204;
Step 204: label produces the 3rd random number R 3, calculate numeric string Nnum=num ⊕ R 3, with numeric string Nnum, upgrade numeric string num, and calculate the 5th hash function value H 5=H (Nnum||R 3); Wherein ⊕ represent to add, subtract, multiplication and division or XOR;
Step 205: label sends and comprises computing ⊕, the 3rd random number R 3with the 5th hash function value H 5the second Frame to reader;
Step 206: reader is received described the second Frame, according to the 3rd random number R 3calculate numeric string Nnum'=num ⊕ R with computing ⊕ 3, and calculate the 6th hash function value H 6=H (Nnum'||R 3); By the 5th hash function value H 5with the 6th hash function value H 6compare, if the 5th hash function value H 5with the 6th hash function value H 6equate, tag update success, is encrypted the numeric string Dnnum after being encrypted with PKI to numeric string Nnum';
Step 207: send numeric string Dnnum after described public key encryption to database, upgrade the numeric string Dnum after public key encryption with the numeric string Dnnum after described public key encryption.
Described renewal numeric string num comprises:
Step 301: reader produces the second random number R 2, calculate numeric string Nnum=num ⊕ R 2, calculate the 3rd hash function value H 3=H (Nnum||R 2);
Step 302: reader sends and comprises the 3rd hash function value H 3, the second random number R 2with the second Frame of computing ⊕ to label; Wherein, computing ⊕ represent to add, subtract, multiplication and division or XOR;
Step 303: label is received after described the second Frame, according to the second random number R 2calculate numeric string Nnum'=num ⊕ R with computing ⊕ 2, and calculate the 4th hash function value H 4=H (Nnum'||R 2), compare the 3rd hash function value H 3with the 4th hash function value H 4if, the 3rd hash function value H 3with the 4th hash function value H 4unequal, finish verification process; If the 3rd hash function value H 3with the 4th hash function value H 4equate, perform step 304;
Step 304: label is replaced numeric string num with numeric string Nnum', and produces the 3rd random number R 3, calculate the 5th hash function value H 5=H (Nnum'||R 3);
Step 305: label sends and comprises the 3rd random number R 3, the 5th hash function value H 5with the 3rd Frame that is updated successfully information to reader;
Step 306: reader is received described the 3rd Frame, calculates the 6th hash function value H 6=H (Nnum||R 3), by the 6th hash function value H 6with the 5th hash function value H 5compare, if the 6th hash function value H 6with the 5th hash function value H 5equate, tag update success, encrypts and obtains DNnum numeric string Nnum with PKI;
Step 307: send numeric string Dnnum after described public key encryption to database, upgrade the numeric string Dnum after public key encryption with the numeric string Dnnum after described public key encryption.
Described database comprises local data base, also comprises EPC-IS data environment.
Beneficial effect of the present invention comprises:
(1) unsymmetrical key is combined with Hash function, by private key verification reader identity, can be used for open EPC-IS environment, in label, the labeled marker symbol DID of public key encryption for storage, does not increase tagged operand;
(2) increase the numeric string num arranging, the numeric string Dnum that public key encryption is used in the storage of EPC-IS database, can effectively for Hash function is anti-, steals secret information and attack;
(3) can select public key encryption product information, safer when product information need to be keep secret;
(4) in scheme, adopt the Hash operation of numeric string num to carry out authenticating tag, the irreversibility of hash function has ensured the safety that numeric string num upgrades, and maintains tag identifier ID constant simultaneously;
(5) utilize the unique identifier ID of label to be used as the data in major key inquiry EPC-IS, solved Hash collision problem.
Accompanying drawing explanation
Fig. 1 is the flow chart of the RFID mutual authentication method based on unsymmetrical key and Hash function that provides of embodiment 1;
Fig. 2 is the flow chart of the RFID mutual authentication method based on unsymmetrical key and Hash function that provides of embodiment 2.
Embodiment
Below in conjunction with accompanying drawing, preferred embodiment is elaborated.Should be emphasized that, following explanation is only exemplary, rather than in order to limit the scope of the invention and to apply.
In reader (Reader), introduce a random number generation module, and store unsymmetrical key to (private key L, PKI P), private key L is for verification reader identity, and PKI P is openly present in the Internet simultaneously.Label and reader write identical hash algorithm.Reader is connected with a computer conventionally, and can be by the EPC-IS data of internet access Internet of Things.
EPC-IS data comprise field: (1) data field, for the unique identifier ID of storage tags (Tag); (2) Dnum field, the num numeric string calculating for Hash function after encrypting for storage of public keys P; (3) field DM, the Item Information after encrypting for storage of public keys P.Before product export, utilize PKI after numeric string num and thing product information M encryption, to store EPC-IS into, whether Item Information M encrypts can determine as the case may be.
On label (Tag), stored DID, the label identifier after encrypting with PKI P, numeric string num and Hash function, and introduce a random number generation module.
The authenticating step of this rfid system as depicted in figs. 1 and 2, step 1001 is to the process of step 1008 (step 2001 is to step 2008) for authentication and reading information, and step 1009 to step 1015 (step 2009 is to step 2015) is used for upgrading numeric string num.Upgrading numeric string num in label has two kinds of methods, and a kind of is to produce new numeric string Nnum (Fig. 1) by label, and a kind of is to produce new numeric string Nnum (Fig. 2) by reader.
Embodiment 1
RFID mutual authentication method based on unsymmetrical key and Hash function comprises:
Step 1001: reader sends request information to label.
Step 1002: label is received after solicited message, sends with the label identifier DID of public key encryption to reader.
Step 1003: reader is received the label identifier DID of public key encryption and with private key deciphering, obtained label identifier ID.
Step 1004: reader is transmitted to database label identifier ID, database root is searched numeric string Dnum after its corresponding public key encryption and the Item Information DM after public key encryption according to label identifier ID, and the Item Information DM after the numeric string Dnum after described public key encryption and public key encryption is sent to reader.
Step 1005: reader respectively to the numeric string Dnum after public key encryption and the deciphering of the Item Information DM after public key encryption, obtains numeric string num and Item Information M with private key.
Step 1006: reader produces the first random number R 1and calculate the first hash function value H 1=H (num||R 1), then by the first random number R 1send to label; Wherein, H () represents Hash functional operation, and " || " represents the computings such as front and back character string connection, displacement.
Step 1007: label is received the first random number R 1after, calculate the second hash function value H 2=H (num||R 1) and the second hash function value H 2send to reader.
Step 1008: reader is received the second hash function value H 2after, judgement the second hash function value H 2with the first hash function value H 1whether equate, if the second hash function value H 2with the first hash function value H 1unequal, judge that label is as illegal label; If the second hash function value H 2with the first hash function value H 1equate, label is legal label.
Step 1009: reader produces the second random number R 2and calculate the 3rd hash function value H 3=H (num||R 2).
Step 1010: reader sends and comprises the 3rd hash function value H 3, the second random number R 2with the first Frame that upgrades numeric string num order to label.
Step 1011: label is received described the first Frame, calculates the 4th hash function value H 4=H (num||R 2); By the 4th hash function value H 4with the 3rd hash function value H 3compare, if the 4th hash function value H 4with the 3rd hash function value H 3unequal, finish verification process; If the 4th hash function value H 4with the 3rd hash function value H 3equate, perform step 1012.
Step 1012: label produces the 3rd random number R 3, calculate numeric string Nnum=num ⊕ R 3, with numeric string Nnum, upgrade numeric string num, and calculate the 5th hash function value H 5=H (Nnum||R 3); Wherein ⊕ represent to add, subtract, the computing such as multiplication and division or XOR.
Step 1013: label sends and comprises computing ⊕, the 3rd random number R 3with the 5th hash function value H 5the second Frame to reader.
Step 1014: reader is received described the second Frame, according to the 3rd random number R 3calculate numeric string Nnum'=num ⊕ R with computing ⊕ 3, and calculate the 6th hash function value H 6=H (Nnum'||R 3); By the 5th hash function value H 5with the 6th hash function value H 6compare, if the 5th hash function value H 5with the 6th hash function value H 6equate, tag update success, is encrypted the numeric string Dnnum after being encrypted with PKI to numeric string Nnum'.
Step 1015: the numeric string Dnnum after transmission public key encryption, to database, upgrades the numeric string Dnum after public key encryption with the numeric string Dnnum after public key encryption.
Embodiment 2
RFID mutual authentication method based on unsymmetrical key and Hash function comprises:
Step 2001: reader sends request information to label.
Step 2002: label is received after solicited message, sends with the label identifier DID of public key encryption to reader.
Step 2003: reader is received the label identifier DID of public key encryption and with private key deciphering, obtained label identifier ID.
Step 2004: reader is transmitted to database label identifier ID, database root is searched numeric string Dnum after its corresponding public key encryption and the Item Information DM after public key encryption according to label identifier ID, and the Item Information DM after the numeric string Dnum after described public key encryption and public key encryption is sent to reader.
Step 2005: reader respectively to the numeric string Dnum after public key encryption and the deciphering of the Item Information DM after public key encryption, obtains numeric string num and Item Information M with private key.
Step 2006: reader produces the first random number R 1and calculate the first hash function value H 1=H (num||R 1), then by the first random number R 1send to label; Wherein, H () represents Hash functional operation, and " || " represents the computings such as front and back character string connection, displacement.
Step 2007: label is received the first random number R 1after, calculate the second hash function value H 2=H (num||R 1) and the second hash function value H 2send to reader.
Step 2008: reader is received the second hash function value H 2after, judgement the second hash function value H 2with the first hash function value H 1whether equate, if the second hash function value H 2with the first hash function value H 1unequal, judge that label is as illegal label; If the second hash function value H 2with the first hash function value H 1equate, label is legal label.
Step 2009: reader produces the second random number R 2, calculate numeric string Nnum=num ⊕ R 2, calculate the 3rd hash function value H 3=H (Nnum||R 2).
Step 2010: reader sends and comprises the 3rd hash function value H 3, the second random number R 2with the second Frame of computing ⊕ to label; Wherein, computing ⊕ represent to add, subtract, the computing such as multiplication and division or XOR.
Step 2011: label is received after described the second Frame, according to the second random number R 2calculate numeric string Nnum'=num ⊕ R with computing ⊕ 2, and calculate the 4th hash function value H 4=H (Nnum'||R 2), compare the 3rd hash function value H 3with the 4th hash function value H 4if, the 3rd hash function value H 3with the 4th hash function value H 4unequal, finish verification process; If the 3rd hash function value H 3with the 4th hash function value H 4equate, perform step 2012.
Step 2012: label is replaced numeric string num with numeric string Nnum', and produces the 3rd random number R 3, calculate the 5th hash function value H 5=H (Nnum'||R 3).
Step 2013: label sends and comprises the 3rd random number R 3, the 5th hash function value H 5with the 3rd Frame that is updated successfully information to reader.
Step 2014: reader is received described the 3rd Frame, calculates the 6th hash function value H 6=H (Nnum||R 3), by the 6th hash function value H 6with the 5th hash function value H 5compare, if the 6th hash function value H 6with the 5th hash function value H 5equate, tag update success, encrypts and obtains DNnum numeric string Nnum with PKI.
Step 2015: the numeric string Dnnum after transmission public key encryption, to database, upgrades the numeric string Dnum after public key encryption with the numeric string Dnnum after public key encryption.
Tool of the present invention has the following advantages:
(1) identifier ID of the label foundation that conduct does not authenticate, but be used for inquiring about the data in EPC-IS data.Supposing has N label in rfid system, and in each verification process, Tag only need carry out 1 time and calculate, and database only need carry out 1 search.Reader only need produce twice calculating just can judge the legitimacy of label, is applicable to EPC-IS environment.The methods such as Hash chain need be calculated 2N Hash function and compare, and EPC-IS data N value is thousands of more than one hundred million, cannot complete.The load of this programme system is low, and fail safe is higher, and has avoided Hash conflict.
(2) use asymmetric-key encryption deciphering product information M and character string num, public and private key has been written in reader in advance, even if packet DID (label identifier after encrypting with PKI P) is intercepted and captured, if assailant does not know private key L, cannot decryption information, effectively prevent that privacy from revealing.High with the two-way authentication phase specific efficiency in current document, easily realize.
(3) can resist multi-sending attack, avoid tracked.To numeric string, num upgrades, and carries out irreversible Hash operation with random number R, when authentication and renewal, uses different random numbers, and renewal value is unpredictable, prevents tracked; Even if last time, legal packet was intercepted and captured, when communicating by letter next time, retransmit, also cannot authentication success, because numeric string num upgrades computing with random number R.Each random number R is different, and result of calculation has randomness, can resist Replay Attack.
(4) solve the nonsynchronous problem of tag update, after each tag update completes, need to carry out Hash operation by character string Nnum and random number R after upgrading, by reader, upgraded confirmation.
(5) existing a lot of certificate scheme is only suitable for local data base, be not suitable for EPC-IS environment, and this programme is to design on the Internet of Things of general significance, if be used in the system of enclose inside, EPC-IS data are substituted by local data base, the same applicable feasibility of scheme, and practicality is high.
The various safety problems such as following table (table 1) is to using Hash lock agreement, Random Hash lock agreement, Hash chain agreement, ID to change agreement and self refresh RFID agreement in this paper,, anti-eavesdrop anti-tracking with regard to rfid system compare analysis.
In table 1, 〝 √ 〞 represents to resist this safety problem, and 〝 * 〞 represents to resist this safety problem, and 〝 ﹣ 〞 represents not discuss this problem.
As seen from Table 1, scheme in this paper can better be resisted the various safety problems of rfid system, guarantee that the ability of fail safe is far above other agreement, and a good rfid system certificate scheme not only will solve safety problem, also will consider the consumption of resource.This point is even more important for low-cost label.
Table 1, security performance comparison sheet
Below table 2 pair make existing variety of protocol and agreement herein compare analysis with regard to label needed Hash calculation times in verification process.
In supposing the system, there is n label.In all labels, data length is M, T hrepresent that Hash function calculates time used, T rproduce the required time of random number, T dwith unsymmetrical key, decipher required time.
Agreement Tag computing time Tag EMS memory occupation amount
Hash locks agreement 1T H 2M
Random Hash lock agreement 1T H,1T R 1M
Hash chain agreement 2T H 1M
Agreement in this paper 3T H,1T R 2M
Table 2, efficiency comparison sheet
As seen from Table 1, not needing in EPC-IS calculates, and only need once search for, and improved the reading rate of authentication rate and information.Label (Tag) is although need to carry out 3 Hash computings, and rear is for twice that fail safe is improved in order to upgrade.By internet access EPC-IS, have a regular hour and postpone, but be necessary in EPC-IS environment.
The above; be only the present invention's embodiment preferably, but protection scope of the present invention is not limited to this, is anyly familiar with in technical scope that those skilled in the art disclose in the present invention; the variation that can expect easily or replacement, within all should being encompassed in protection scope of the present invention.Therefore, protection scope of the present invention should be as the criterion with the protection range of claim.

Claims (5)

1. the RFID mutual authentication method based on unsymmetrical key and Hash function, is characterized in that described method comprises:
Step 1: reader sends request information to label;
Step 2: label is received after solicited message, sends with the label identifier DID of public key encryption to reader;
Step 3: reader is received the label identifier DID of public key encryption and with private key deciphering, obtained label identifier ID;
Step 4: reader, according to label identifier ID, is searched the numeric string num that label identifier ID is corresponding, and judged that whether label is legal label, if label is legal label, performs step 5 in the database connecting with reader; Otherwise label is illegal label, finish verification process;
Step 5: upgrade numeric string num.
2. method according to claim 1, is characterized in that described step 4 comprises:
Step 101: reader is transmitted to database label identifier ID, database root is searched numeric string Dnum after its corresponding public key encryption and the Item Information DM after public key encryption according to label identifier ID, and the Item Information DM after the numeric string Dnum after described public key encryption and public key encryption is sent to reader;
Step 102: reader respectively to the numeric string Dnum after public key encryption and the deciphering of the Item Information DM after public key encryption, obtains numeric string num and Item Information M with private key;
Step 103: reader produces the first random number R 1and calculate the first hash function value H 1=H (num||R 1), then by the first random number R 1send to label; Wherein, H () represents Hash functional operation, and " || " represents that front and back character string connects or displacement computing;
Step 104: label is received the first random number R 1after, calculate the second hash function value H 2=H (num||R 1) and the second hash function value H 2send to reader;
Step 105: reader is received the second hash function value H 2after, judgement the second hash function value H 2with the first hash function value H 1whether equate, if the second hash function value H 2with the first hash function value H 1unequal, judge that label is as illegal label; If the second hash function value H 2with the first hash function value H 1equate, label is legal label.
3. method according to claim 2, is characterized in that described renewal numeric string num comprises:
Step 201: reader produces the second random number R 2and calculate the 3rd hash function value H 3=H (num||R 2);
Step 202: reader sends and comprises the 3rd hash function value H 3, the second random number R 2with the first Frame that upgrades numeric string num order to label;
Step 203: label is received described the first Frame, calculates the 4th hash function value H 4=H (num||R 2); By the 4th hash function value H 4with the 3rd hash function value H 3compare, if the 4th hash function value H 4with the 3rd hash function value H 3unequal, finish verification process; If the 4th hash function value H 4with the 3rd hash function value H 3equate, perform step 204;
Step 204: label produces the 3rd random number R 3, calculate numeric string Nnum=num ⊕ R 3, with numeric string Nnum, upgrade numeric string num, and calculate the 5th hash function value H 5=H (Nnum||R 3); Wherein ⊕ represent to add, subtract, multiplication and division or XOR;
Step 205: label sends and comprises computing ⊕, the 3rd random number R 3with the 5th hash function value H 5the second Frame to reader;
Step 206: reader is received described the second Frame, according to the 3rd random number R 3calculate numeric string Nnum'=num ⊕ R with computing ⊕ 3, and calculate the 6th hash function value H 6=H (Nnum'||R 3); By the 5th hash function value H 5with the 6th hash function value H 6compare, if the 5th hash function value H 5with the 6th hash function value H 6equate, tag update success, is encrypted the numeric string Dnnum after being encrypted with PKI to numeric string Nnum';
Step 207: send numeric string Dnnum after described public key encryption to database, upgrade the numeric string Dnum after public key encryption with the numeric string Dnnum after described public key encryption.
4. method according to claim 2, is characterized in that described renewal numeric string num comprises:
Step 301: reader produces the second random number R 2, calculate numeric string Nnum=num ⊕ R 2, calculate the 3rd hash function value H 3=H (Nnum||R 2);
Step 302: reader sends and comprises the 3rd hash function value H 3, the second random number R 2with the second Frame of computing ⊕ to label; Wherein, computing ⊕ represent to add, subtract, multiplication and division or XOR;
Step 303: label is received after described the second Frame, according to the second random number R 2calculate numeric string Nnum'=num ⊕ R with computing ⊕ 2, and calculate the 4th hash function value H 4=H (Nnum'||R 2), compare the 3rd hash function value H 3with the 4th hash function value H 4if, the 3rd hash function value H 3with the 4th hash function value H 4unequal, finish verification process; If the 3rd hash function value H 3with the 4th hash function value H 4equate, perform step 304;
Step 304: label is replaced numeric string num with numeric string Nnum', and produces the 3rd random number R 3, calculate the 5th hash function value H 5=H (Nnum'||R 3);
Step 305: label sends and comprises the 3rd random number R 3, the 5th hash function value H 5with the 3rd Frame that is updated successfully information to reader;
Step 306: reader is received described the 3rd Frame, calculates the 6th hash function value H 6=H (Nnum||R 3), by the 6th hash function value H 6with the 5th hash function value H 5compare, if the 6th hash function value H 6with the 5th hash function value H 5equate, tag update success, encrypts and obtains DNnum numeric string Nnum with PKI;
Step 307: send numeric string Dnnum after described public key encryption to database, upgrade the numeric string Dnum after public key encryption with the numeric string Dnnum after described public key encryption.
5. according to the method described in claim 1-4 any one claim, it is characterized in that described database comprises local data base, also comprises EPC-IS data environment.
CN201380003846.4A 2013-06-20 2013-06-20 RFID bidirectional authentication method based on asymmetric secret key and Hash function Active CN104115442B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2013/000716 WO2014201585A1 (en) 2013-06-20 2013-06-20 Rfid bidirectional authentication method based on asymmetric key and hash function

Publications (2)

Publication Number Publication Date
CN104115442A true CN104115442A (en) 2014-10-22
CN104115442B CN104115442B (en) 2017-02-08

Family

ID=51710608

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201380003846.4A Active CN104115442B (en) 2013-06-20 2013-06-20 RFID bidirectional authentication method based on asymmetric secret key and Hash function

Country Status (2)

Country Link
CN (1) CN104115442B (en)
WO (1) WO2014201585A1 (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104683108A (en) * 2015-03-05 2015-06-03 西安电子科技大学 Security authentication method for repealing radio frequency identification tag application of multi-application card
CN105357015A (en) * 2015-12-02 2016-02-24 华北电力大学(保定) Internet of things (IOT) security authentication method
CN105447430A (en) * 2015-11-19 2016-03-30 中南大学 Label and method for recognizing label through employing HARN protocol
CN106712962A (en) * 2016-12-23 2017-05-24 西安电子科技大学 Mobile RFID system bidirectional authentication method and system
CN108199851A (en) * 2018-02-01 2018-06-22 北京华大智宝电子系统有限公司 A kind of data safe transmission method, apparatus and system
CN108900293A (en) * 2018-05-08 2018-11-27 西安理工大学 A kind of RFID security authentication protocol based on hash function and elliptic curve
CN110492992A (en) * 2019-07-22 2019-11-22 哈尔滨工程大学 A kind of data encryption and transmission method based on radio RF recognition technology
CN110612698A (en) * 2017-05-22 2019-12-24 株式会社Fns价值 Security authentication system and security authentication method for generating security key by combining authentication factors of multiple users
CN112364339A (en) * 2020-08-21 2021-02-12 中国科学院信息工程研究所 Improved safe lightweight RFID authentication method

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11213773B2 (en) 2017-03-06 2022-01-04 Cummins Filtration Ip, Inc. Genuine filter recognition with filter monitoring system
CN110245534B (en) * 2019-06-15 2024-03-19 吴新胜 High-security radio frequency identification method, device and system based on mutual authentication

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1565002A (en) * 2001-09-04 2005-01-12 Ip和创新控股有限公司 System and method of authenticating an article
US20070057768A1 (en) * 2005-09-13 2007-03-15 Nec (China) Co., Ltd. Radio frequency identification system and method
CN101217362A (en) * 2007-12-29 2008-07-09 中山大学 RFID communication security mechanism established based on dynamic randomization DRNTRU public key encryption system

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080001752A1 (en) * 2005-04-21 2008-01-03 Skyetek, Inc. System and method for securing rfid tags
CN101847199B (en) * 2009-03-24 2012-06-06 复旦大学 Security authentication method for radio frequency recognition system

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1565002A (en) * 2001-09-04 2005-01-12 Ip和创新控股有限公司 System and method of authenticating an article
US20070057768A1 (en) * 2005-09-13 2007-03-15 Nec (China) Co., Ltd. Radio frequency identification system and method
CN101217362A (en) * 2007-12-29 2008-07-09 中山大学 RFID communication security mechanism established based on dynamic randomization DRNTRU public key encryption system

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
HARSH KAPOOR; DIJIANG HUANG: "Secret-Sharing Based Secure Communication Protocols for Passive RFIDs", 《GLOBAL TELECOMMUNICATIONS CONFERENCE, 2009. GLOBECOM 2009. IEEE》 *
章轶: "射频识别系统及其认证协议的研究", 《中国优秀硕士学位论文全文数据库(信息科技辑)》 *

Cited By (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104683108A (en) * 2015-03-05 2015-06-03 西安电子科技大学 Security authentication method for repealing radio frequency identification tag application of multi-application card
CN105447430A (en) * 2015-11-19 2016-03-30 中南大学 Label and method for recognizing label through employing HARN protocol
CN105447430B (en) * 2015-11-19 2017-10-03 中南大学 A kind of label and the method using the HARN protocol identifications label
CN105357015B (en) * 2015-12-02 2018-11-30 华北电力大学(保定) A kind of Internet of Things safety certifying method
CN105357015A (en) * 2015-12-02 2016-02-24 华北电力大学(保定) Internet of things (IOT) security authentication method
CN106712962A (en) * 2016-12-23 2017-05-24 西安电子科技大学 Mobile RFID system bidirectional authentication method and system
CN110612698A (en) * 2017-05-22 2019-12-24 株式会社Fns价值 Security authentication system and security authentication method for generating security key by combining authentication factors of multiple users
CN110612698B (en) * 2017-05-22 2021-05-11 株式会社Fns价值 Security authentication system and security authentication method for generating security key by combining authentication factors of multiple users
CN108199851A (en) * 2018-02-01 2018-06-22 北京华大智宝电子系统有限公司 A kind of data safe transmission method, apparatus and system
CN108900293A (en) * 2018-05-08 2018-11-27 西安理工大学 A kind of RFID security authentication protocol based on hash function and elliptic curve
CN108900293B (en) * 2018-05-08 2021-05-25 西安理工大学 RFID (radio frequency identification) security authentication protocol based on hash function and elliptic curve
CN110492992A (en) * 2019-07-22 2019-11-22 哈尔滨工程大学 A kind of data encryption and transmission method based on radio RF recognition technology
CN112364339A (en) * 2020-08-21 2021-02-12 中国科学院信息工程研究所 Improved safe lightweight RFID authentication method

Also Published As

Publication number Publication date
WO2014201585A1 (en) 2014-12-24
CN104115442B (en) 2017-02-08

Similar Documents

Publication Publication Date Title
CN104115442A (en) RFID bidirectional authentication method based on asymmetric secret key and Hash function
CN103413109B (en) A kind of mutual authentication method of radio frequency identification system
CN101847199B (en) Security authentication method for radio frequency recognition system
CN104184733B (en) A kind of RFID lightweight mutual authentication methods encoded based on CRC
Zhou et al. A lightweight anti-desynchronization RFID authentication protocol
CN101882197B (en) RFID (Radio Frequency Identification Device) inquiring-response safety certificate method based on grading key
Kardaş et al. Cryptanalysis of lightweight mutual authentication and ownership transfer for RFID systems
CN103795543A (en) Bidirectional security authentication method for RFIP system
Chen et al. An ownership transfer scheme using mobile RFIDs
CN103532718A (en) Authentication method and authentication system
Liao et al. A secure ECC-based RFID authentication scheme using hybrid protocols
CN104883681A (en) Mobile RFID mutual authentication method based on dynamic shared secret key
CN104333539A (en) RFID security authentication method based on Chebyshev mapping
CN102684872B (en) Safety communication method for ultrahigh frequency radio-frequency identification air interface based on symmetrical encryption
Chen et al. A secure ownership transfer protocol using EPCglobal Gen-2 RFID
CN104579688B (en) It is a kind of based on Hash function can synchronized update key RFID mutual authentication method
CN110650019B (en) RFID authentication method and system based on PUF and security sketch
CN109766966B (en) RFID tag random number synchronous updating method
Kim et al. Single tag sharing scheme for multiple-object RFID applications
Lei et al. A one-way Hash based low-cost authentication protocol with forward security in RFID system
Cao et al. Cryptanalysis of Two RFID Authentication Protocols.
Huang et al. An ultralightweight mutual authentication protocol for EPC C1G2 RFID tags
Li et al. Emap: An efficient mutual authentication protocol for passive RFID tags
Abyaneh On the privacy of two tag ownership transfer protocols for RFIDs
Li et al. PUF-based RFID ownership transfer protocol in an open environment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant