CN101470794A - Authentication method, equipment and system for wireless radio frequency recognition system - Google Patents


Publication number
CN101470794A
Authority
CN
China
Prior art keywords
authentication information
authentication
label
reader
parameter
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2008100014136A
Other languages
Chinese (zh)
Inventor
张向东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CNA2008100014136A priority Critical patent/CN101470794A/en
Publication of CN101470794A publication Critical patent/CN101470794A/en
Pending legal-status Critical Current

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

An embodiment of the invention discloses an authentication method in a radio frequency identification (RFID) system, comprising the following steps: receiving first authentication information and second authentication information; locally searching for a tag having the first authentication information; generating third authentication information according to the parameters of the tag having the first authentication information; and judging whether the second authentication information is the same as the third authentication information, and if so, authentication of the tag having the first authentication information succeeds. Embodiments of the invention further disclose a device and a system for authentication in an RFID system. The embodiments reduce the computation and the number of comparisons performed over tags during tag authentication, and improve reading efficiency.

Description

Authentication method, device and system in a radio frequency identification system
Technical field
The present invention relates to the field of communication technologies, and in particular to an authentication method, device and system in a radio frequency identification system.
Background
RFID (Radio Frequency Identification) is a contactless automatic identification technology that has matured since the 1980s. It automatically identifies target objects and obtains related data by means of radio-frequency signals, without manual intervention. Because RFID supports multi-target identification and contactless identification, it is now widely used in manufacturing, commerce, the military, daily life and other fields, shows great development potential and room for application, and is regarded as one of the most promising technologies of the 21st century.
An RFID system generally consists of three parts: tags, a reader and a back-end database, structured as shown in Fig. 1. The back-end database can be a database system running on any hardware platform, chosen by the user according to actual needs; it generally has powerful computing and storage capability and stores the information of all tags. The reader is in practice a wireless transmitting and receiving device with an antenna, and has relatively large processing power and storage space. A tag is a microcircuit with an antenna; it usually has no microprocessor and consists of only a few thousand logic gates.
Although RFID technology has a wide range of applications, RFID communication systems lack effective security mechanisms, and this has become a key factor limiting their large-scale deployment and use.
A reasonably complete RFID system solution should have the following properties: confidentiality, meaning that information is accessible only to authorized users; integrity, meaning resistance to tampering with or replacement of information in transit; authenticity, meaning reader and tag authentication and non-repudiation; resistance to replay attacks, meaning resistance to the replay of communication messages; and privacy, meaning protection of consumers' private information or of the commercial interests of the economic entities concerned.
As a wireless communication technology, an RFID security solution has, in addition to the security requirements of general wireless communication technologies listed above, characteristics of its own, including:
Practicality: the reader and the back-end database usually both have fairly strong computing power, so the security of communication between them can be handled with relatively mature computer network security mechanisms. Tags, however, must be low-cost, and their computing power and storage space are both limited, which restricts the use of existing mature security mechanisms. An RFID security solution therefore has a special requirement, namely practicality: the solution must suit the limited computing cost, storage capacity and communication capability of RFID. To facilitate the design of RFID systems, it is usually assumed that the communication channel between tag and reader is insecure, while the communication channel between reader and back-end database is secure.
Privacy: because RFID is a contactless automatic identification technology, a tag may be read by a reader without the user's knowledge, which creates the risk that the user's private information is read illegally. Privacy protection in an RFID system, that is, protection of consumers' privacy or of the commercial interests of the economic entities concerned, may therefore matter more than in other communication systems.
Whether RFID systems can truly become practical depends on designing a good security mechanism that fits the characteristics of RFID, under very limited tag computing speed, communication capability and storage space, and that provides security and privacy protection, prevents malicious attacks, and creates a relatively secure working environment for the RFID system.
A series of studies on RFID security technology has been carried out at home and abroad. Fig. 2 shows a prior-art randomized Hash-Lock protocol scheme, in which ID_k is the tag identifier and "Get all IDs" is the reader's request to the database for all tag identifiers.
The randomized Hash-Lock protocol proceeds as follows:
Step s201: the reader sends a Command to the tag;
Step s202: the tag generates a random number R and computes H(ID_k ‖ R). The tag sends (R, H(ID_k ‖ R)) to the reader;
Step s203: the reader sends the database a request for all tag identifiers;
Step s204: the database sends all tag identifiers in its database (ID_1, ID_2, ..., ID_s) to the reader;
Step s205: the reader checks whether there is some ID_j such that H(ID_j ‖ R) = H(ID_k ‖ R) holds; if so, authentication passes and the reader sends ID_j to the tag. The tag verifies whether ID_j is the same as ID_k; if they are the same, authentication passes. Otherwise, it is refused.
In the course of implementing the present invention, the inventor found that the prior art has at least the following shortcoming:
For every tag, the reader must compute and compare over all tags in the database during authentication, which makes reading inefficient.
Summary of the invention
Embodiments of the invention provide an authentication method, device and system in a radio frequency identification (RFID) system, to improve reading efficiency in the authentication process of existing RFID systems.
To achieve the above object, embodiments of the invention provide an authentication method in an RFID system, comprising the following steps:
Receiving first authentication information and second authentication information, and searching locally for a tag having the first authentication information;
Generating third authentication information according to the parameters of the tag having the first authentication information;
Judging whether the second authentication information is the same as the third authentication information, and if so, authentication of the tag having the first authentication information succeeds.
Embodiments of the invention also provide an authentication method in an RFID system, comprising the following steps:
Generating first authentication information and second authentication information respectively, according to the parameters of a tag;
Sending the first authentication information and the second authentication information to a reader;
The reader is configured to search, according to the first authentication information, for a tag having the first authentication information; to generate third authentication information according to the related parameters of the tag having the first authentication information; and to authenticate the legitimacy of the tag having the first authentication information according to whether the second authentication information and the third authentication information are the same.
Embodiments of the invention also provide a reader for authentication in an RFID system, comprising:
A receiving unit, configured to receive first authentication information and second authentication information;
A search unit, configured to search locally for a tag having the first authentication information received by the receiving unit;
A generation unit, configured to generate third authentication information according to the parameters of the tag having the first authentication information found by the search unit;
An authentication unit, configured to determine that authentication of the tag having the first authentication information succeeds when the third authentication information generated by the generation unit is the same as the second authentication information.
Embodiments of the invention also provide a tag, comprising:
An authentication information generation unit, configured to generate first authentication information and second authentication information respectively according to related parameters;
An authentication information sending unit, configured to send the first authentication information and the second authentication information generated by the authentication information generation unit to a reader. The reader is configured to search, according to the first authentication information, for a tag having the first authentication information; to generate third authentication information according to the related parameters of the tag having the first authentication information; and to authenticate the legitimacy of the tag having the first authentication information according to whether the second authentication information and the third authentication information are the same.
Embodiments of the invention also provide an authentication system for authentication in an RFID system, comprising:
A tag, configured to generate first authentication information and second authentication information, and to send the first authentication information and the second authentication information to the reader;
A reader, configured to receive the first authentication information and the second authentication information and to search locally for a tag having the first authentication information; to generate third authentication information according to the parameters of the tag having the first authentication information; and to judge whether the second authentication information is the same as the third authentication information, and if so, authentication of the tag having the first authentication information succeeds.
Compared with the prior art, embodiments of the invention have the following advantages:
The reader side stores an item of authentication information for each tag in advance; during authentication, the tag returns this authentication information together with other authentication information. Before computing, the reader narrows the range of tags by comparing this authentication information, then computes and compares the other authentication information, and finally completes authentication. This method reduces the computation and the number of comparisons over tags during tag authentication and improves reading efficiency.
Description of drawings
Fig. 1 is a schematic diagram of the structure of an RFID system in the prior art;
Fig. 2 is a schematic diagram of the randomized Hash-Lock protocol flow in the prior art;
Fig. 3 is a flow chart of the authentication method in an RFID system in an embodiment of the invention;
Fig. 4 is a signaling flow chart of the authentication method in an RFID system in an embodiment of the invention;
Fig. 5 is a schematic structural diagram of the authentication system in an RFID system in an embodiment of the invention;
Fig. 6 is a schematic structural diagram of the reader in an embodiment of the invention;
Fig. 7 is a schematic structural diagram of the tag in an embodiment of the invention.
Detailed description of the embodiments
Specific embodiments of the present invention are described in further detail below with reference to the drawings and embodiments:
Embodiments of the invention provide an authentication method in an RFID system which, as shown in Figure 3, comprises the following steps:
Step s301: the authentication information to be verified between tag and reader is divided into multiple groups, comprising at least first authentication information and second authentication information; the first authentication information and the related parameters of each tag are stored on the reader side. The purpose of the first and second authentication information is as follows: the reader narrows the range of tags that need to be authenticated according to the first authentication information, and authenticates the legitimacy of the tag according to the second authentication information.
Step s302: during authentication, the tag generates the first authentication information and the second authentication information and sends them to the reader.
Step s303: the reader receives the authentication information sent by the tag and looks up the first authentication information sent by the tag.
Step s304: judge whether a tag having this first authentication information exists; if so, continue with step s305; if not, authentication is considered to have failed and the process ends.
Step s305: generate third authentication information using the related parameters of the tag having this first authentication information. When generating the third authentication information, the reader uses the same algorithm and/or parameters that the tag uses when generating the second authentication information.
Step s306: compare the third authentication information generated for each tag with the received second authentication information; if identical authentication information exists, continue with step s307; otherwise authentication is considered to have failed and the process ends.
Step s307: determine that all authentication information received from the tag has passed authentication; authentication succeeds.
An implementation of the embodiment of the invention is described below with reference to a concrete application scenario. Take as an example a tag and a reader that authenticate using multiple groups of authentication information, comprising at least first authentication information and other authentication information. The first authentication information is simple authentication information compared with the other authentication information, and the reader side stores the simple authentication information of each tag. During authentication, the tag returns the simple authentication information and the other authentication information. Before computing, the reader narrows the range of tags by comparing the simple authentication information, then computes and compares the other authentication information, and finally completes authentication. The signaling flow chart of this application scenario is shown in Figure 3.
Here, Info-1 and Info-2 are tag information; Key is a key shared between the reader and the tag; OtherElement is other information in the authentication process; f1 and f2 are data processing functions. The key Key is shared in advance between the tag and the reader side, and the reader side stores the tag information and the authentication information f1(Info-1, Key). The authentication flow, shown in Figure 4, comprises the following steps:
Step s401: the reader issues a Command;
Step s402: the tag computes the first authentication information A and the second authentication information B, for example A = f1(Info-1, Key) and B = f2(Info-1, Info-2, Key, OtherElement), and returns A and B to the reader. Other methods may of course be used to compute the first authentication information A and the second authentication information B.
Step s403: the reader authenticates the tag according to (A, B).
The reader obtains the information of all tags from the database and finds all tags whose stored f1(Info-1, Key) is the same as the first authentication information A. Then, for these tags, it computes the third authentication information B' = f2(Info-1, Info-2, Key, OtherElement), using the same method the tag uses to compute the second authentication information B, and checks whether the B' of any tag is the same as the B that was sent; if so, the tag passes authentication.
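The flow of steps s401 to s403, next to the randomized Hash-Lock scan of steps s201 to s205, as an added example that is not part of the patent text. It assumes HMAC-SHA256 for f1 and f2, SHA-256 for H, one key per tag, and a reader-chosen nonce as OtherElement; the class and function names are hypothetical.

```python
import hashlib
import hmac
import os
from collections import defaultdict


def _mac(key: bytes, label: bytes, *parts: bytes) -> bytes:
    # Length-prefix every field so different field splits cannot collide.
    msg = label + b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()


def f1(info1: bytes, key: bytes) -> bytes:
    """A = f1(Info-1, Key). HMAC-SHA256 is an assumed choice of f1."""
    return _mac(key, b"f1", info1)


def f2(info1: bytes, info2: bytes, key: bytes, other: bytes) -> bytes:
    """B = f2(Info-1, Info-2, Key, OtherElement). Assumed HMAC-SHA256."""
    return _mac(key, b"f2", info1, info2, other)


class Tag:
    def __init__(self, info1: bytes, info2: bytes, key: bytes):
        self.info1, self.info2, self.key = info1, info2, key

    def respond(self, other_element: bytes):
        """Step s402: compute and return (A, B)."""
        # With A = f1(Info-1, Key) as written, A is the same in every
        # session for a given tag; only B changes with OtherElement.
        a = f1(self.info1, self.key)
        b = f2(self.info1, self.info2, self.key, other_element)
        return a, b


class Reader:
    def __init__(self):
        self.by_a = defaultdict(list)  # stored A -> candidate tag records
        self.f2_calls = 0              # counts B' computations

    def enroll(self, info1: bytes, info2: bytes, key: bytes) -> None:
        """Reader side stores f1(Info-1, Key) and the tag parameters."""
        self.by_a[f1(info1, key)].append((info1, info2, key))

    def authenticate(self, a: bytes, b: bytes, other_element: bytes):
        """Step s403: narrow by A, then compute B' only for the matches."""
        for info1, info2, key in self.by_a.get(a, ()):
            self.f2_calls += 1
            b_prime = f2(info1, info2, key, other_element)
            if hmac.compare_digest(b_prime, b):  # constant-time compare
                return info1
        return None  # unknown A, or no B' equal to B


def hash_lock_response(tag_id: bytes, r: bytes) -> bytes:
    """Prior art, step s202: H(ID_k || R), with SHA-256 assumed for H."""
    return hashlib.sha256(tag_id + r).digest()


def hash_lock_identify(all_ids, r: bytes, digest: bytes):
    """Prior art, step s205: hash every stored ID until one matches."""
    hashes = 0
    for candidate in all_ids:
        hashes += 1
        if hmac.compare_digest(hash_lock_response(candidate, r), digest):
            return candidate, hashes
    return None, hashes


def build_demo(n: int):
    """Constructed population of n tags with constructed per-tag keys."""
    reader, tags = Reader(), []
    for i in range(n):
        info1, info2 = b"TAG-%04d" % i, b"ITEM-%04d" % i
        key = hashlib.sha256(b"constructed-key-%d" % i).digest()
        tags.append(Tag(info1, info2, key))
        reader.enroll(info1, info2, key)
    return reader, tags


if __name__ == "__main__":
    reader, tags = build_demo(1000)
    nonce = os.urandom(16)  # OtherElement, assumed to come from the reader
    a, b = tags[742].respond(nonce)
    print("two-stage result:", reader.authenticate(a, b, nonce),
          "B' computations:", reader.f2_calls)
    r = os.urandom(8)
    ids = [t.info1 for t in tags]
    print("hash-lock result:",
          hash_lock_identify(ids, r, hash_lock_response(ids[742], r)))
```

With 1000 enrolled tags, the two-stage reader computes one B' for a valid response, while the Hash-Lock scan hashes every identifier up to the matching one.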
With the above method provided by the embodiment of the invention, the reader side stores an item of authentication information for each tag in advance; during authentication, the tag returns this authentication information together with other authentication information. Before computing, the reader narrows the range of tags by comparing this authentication information, then computes and compares the other authentication information, and finally completes authentication. This method reduces the computation and the number of comparisons over tags during tag authentication and improves reading efficiency.
Embodiments of the invention also provide an authentication system and devices in an RFID system. The structure, shown in Figure 5, comprises a reader 10 and at least one tag 20. The reader 10 stores the first authentication information of the tag 20 in advance; during authentication, the tag 20 returns the first authentication information and the second authentication information. Before computing, the reader 10 narrows the range of tags by comparing this first authentication information, then computes and compares the second authentication information, and finally completes authentication.
Specifically, the structure of the reader 10, shown in Figure 6, further comprises:
A receiving unit 11, configured to receive the first authentication information and the second authentication information sent by the tag.
A search unit 12, configured to search locally for a tag having the first authentication information received by the receiving unit 11.
A generation unit 13, configured to generate third authentication information according to the related parameters of the tag, found by the search unit 12, that has the received first authentication information. The generation unit 13 may specifically be a first generation subunit, configured to generate the third authentication information using the same algorithm and/or parameters that the tag uses when generating the second authentication information.
An authentication unit 14, configured to determine that authentication of the tag having the first authentication information succeeds when the third authentication information generated by the generation unit 13 is the same as the received second authentication information.
A storage unit 15, configured to store the first authentication information and the related parameters of each tag and to provide them to the search unit 12 and the generation unit 13.
The structure of the tag 20, shown in Figure 7, further comprises:
An authentication information generation unit 21, configured to generate first authentication information and second authentication information respectively according to related parameters; different algorithms and/or parameters are used when generating different authentication information.
An authentication information sending unit 22, configured to send the first authentication information and the second authentication information generated by the authentication information generation unit 21 to the reader. The reader is configured to search, according to the first authentication information, for a tag having the first authentication information; to generate third authentication information according to the related parameters of the tag having the first authentication information; and to authenticate the legitimacy of the tag having the first authentication information according to whether the second authentication information and the third authentication information are the same.
With the above system and devices provided by the embodiment of the invention, the reader side stores an item of authentication information for each tag in advance; during authentication, the tag returns this authentication information together with other authentication information. Before computing, the reader narrows the range of tags by comparing this authentication information, then computes and compares the other authentication information, and finally completes authentication. This method reduces the computation and the number of comparisons over tags during tag authentication and improves reading efficiency.
From the above description of the embodiments, those skilled in the art can clearly understand that the present invention can be implemented by software plus a necessary general-purpose hardware platform, or of course by hardware, but in many cases the former is the better implementation. Based on this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, can be embodied in the form of a software product. The computer software product is stored in a storage medium and includes several instructions for causing a device to perform the methods described in the embodiments of the present invention.
The above discloses only several specific embodiments of the present invention; however, the present invention is not limited to them, and any variation that a person skilled in the art can conceive of shall fall within the protection scope of the present invention.

Claims (13)

1. An authentication method in a radio frequency identification (RFID) system, characterized by comprising the following steps:
Receiving first authentication information and second authentication information, and searching locally for a tag having the first authentication information;
Generating third authentication information according to the parameters of the tag having the first authentication information;
Judging whether the second authentication information is the same as the third authentication information, and if so, authentication of the tag having the first authentication information succeeds.
2. The authentication method in an RFID system according to claim 1, characterized in that, before receiving the first authentication information and the second authentication information, the method further comprises:
Dividing the authentication information used to authenticate tags into multiple groups, and storing the first authentication information and the related parameters of each tag.
3. The authentication method in an RFID system according to claim 1, characterized in that generating the third authentication information according to the parameters of the tag having the received first authentication information is specifically:
The second authentication information and the third authentication information are generated using the same algorithm and parameters.
4. The authentication method in an RFID system according to any one of claims 1 to 3, characterized in that the parameters comprise: information of the tag, a key shared between the tag and the reader, and other parameters used for authentication.
5. An authentication method in a radio frequency identification (RFID) system, characterized by comprising the following steps:
Generating first authentication information and second authentication information respectively, according to the parameters of a tag;
Sending the first authentication information and the second authentication information to a reader;
The reader is configured to search, according to the first authentication information, for a tag having the first authentication information; to generate third authentication information according to the related parameters of the tag having the first authentication information; and to authenticate the legitimacy of the tag having the first authentication information according to whether the second authentication information and the third authentication information are the same.
6. The authentication method in an RFID system according to claim 5, characterized in that the tag uses different algorithms and/or parameters when generating different authentication information.
7. A reader for authentication in an RFID system, characterized by comprising:
A receiving unit, configured to receive first authentication information and second authentication information;
A search unit, configured to search locally for a tag having the first authentication information received by the receiving unit;
A generation unit, configured to generate third authentication information according to the parameters of the tag having the first authentication information found by the search unit;
An authentication unit, configured to determine that authentication of the tag having the first authentication information succeeds when the third authentication information generated by the generation unit is the same as the second authentication information.
8. The reader according to claim 7, characterized by further comprising:
A storage unit, configured to store the first authentication information of each tag and the parameters of each tag, and to provide them to the search unit and the generation unit.
9. The reader according to claim 7, characterized in that the generation unit is specifically a first generation subunit, configured to generate the third authentication information using the same algorithm and parameters as are used when generating the second authentication information.
10. A tag, characterized by comprising:
An authentication information generation unit, configured to generate first authentication information and second authentication information respectively according to related parameters;
An authentication information sending unit, configured to send the first authentication information and the second authentication information generated by the authentication information generation unit to a reader. The reader is configured to search, according to the first authentication information, for a tag having the first authentication information; to generate third authentication information according to the related parameters of the tag having the first authentication information; and to authenticate the legitimacy of the tag having the first authentication information according to whether the second authentication information and the third authentication information are the same.
11. An authentication system for authentication in an RFID system, characterized by comprising:
A tag, configured to generate first authentication information and second authentication information, and to send the first authentication information and the second authentication information to the reader;
A reader, configured to receive the first authentication information and the second authentication information and to search locally for a tag having the first authentication information; to generate third authentication information according to the parameters of the tag having the first authentication information; and to judge whether the second authentication information is the same as the third authentication information, and if so, authentication of the tag having the first authentication information succeeds.
12. The authentication system according to claim 11, characterized in that the tag further comprises:
An authentication information generation unit, configured to generate first authentication information and second authentication information respectively according to related parameters;
An authentication information sending unit, configured to send the first authentication information and the second authentication information generated by the authentication information generation unit to the reader.
13. The authentication system according to claim 11, characterized in that the reader further comprises:
A receiving unit, configured to receive the first authentication information and the second authentication information sent by the tag;
A search unit, configured to search locally for a tag having the first authentication information received by the receiving unit;
A generation unit, configured to generate third authentication information according to the related parameters of the tag having the first authentication information found by the search unit;
An authentication unit, configured to determine that authentication of the tag succeeds when the third authentication information generated by the generation unit is the same as the second authentication information.
CNA2008100014136A 2007-12-27 2008-01-18 Authentication method, equipment and system for wireless radio frequency recognition system Pending CN101470794A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2008100014136A CN101470794A (en) 2007-12-27 2008-01-18 Authentication method, equipment and system for wireless radio frequency recognition system

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
CN200710198651 2007-12-27
CN200710198651.6 2007-12-27
CNA2008100014136A CN101470794A (en) 2007-12-27 2008-01-18 Authentication method, equipment and system for wireless radio frequency recognition system

Publications (1)

Publication Number Publication Date
CN101470794A true CN101470794A (en) 2009-07-01

Family

ID=40828258

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2008100014136A Pending CN101470794A (en) 2007-12-27 2008-01-18 Authentication method, equipment and system for wireless radio frequency recognition system

Country Status (1)

Country Link
CN (1) CN101470794A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9088616B2 (en) 2009-09-21 2015-07-21 Huawei Technologies Co., Ltd. Method and apparatus for authentication
CN101814991A (en) * 2010-03-12 2010-08-25 西安西电捷通无线网络通信股份有限公司 Mutual authentication method and system based on identity
CN101814991B (en) * 2010-03-12 2012-05-09 西安西电捷通无线网络通信股份有限公司 Mutual authentication method and system based on identity
CN102546552A (en) * 2010-12-24 2012-07-04 中国联合网络通信集团有限公司 Authentication method, equipment and system

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Open date: 20090701