CN101488179A - Authentication method and apparatus for wireless radio frequency recognition system - Google Patents

Abstract

The embodiment of the invention discloses an authentication method for a wireless radio frequency identification (RFID) system. Anonymity of a tag is ensured by updating ID in each authentication; and an (ID, P-key) pair of the tag is stored in a reader party, and only the (ID, P-key) part in the reader party, which is inconsistent with the content transmitted by the tag, is updated by the reader party, such that synchronicity of data update can be ensured. The embodiment of the invention also discloses an authentication device for the wireless radio frequency identification (RFID) system. By adopting the embodiment of the invention and by ensuring the anonymity of the tag through ID update, the asynchronism of data update easily caused by the adoption of an ID updating mechanism in a common RFID air interface protocol can be simultaneously solved.

Description

A kind of Wireless RFID system authentication method and equipment

Technical field

The present invention relates to communication technical field, relate in particular to authentication method and equipment in a kind of RFID (Radio FrequencyIdentification, radio frequency identification) system.

Background technology

The RFID technology is a kind of contactless automatic identification technology that moves to maturity since the eighties in last century, and it is by the automatic recognition objective object of radiofrequency signal and obtain related data, need not manual intervention.Because the RFID technology has characteristics such as multiple goal identification and contactless identification, fields such as manufacturing industry, commerce, military affairs, daily life have been widely used at present, and demonstrate huge development potentiality and application space, be considered to one of the most rising technology of 21 century.

Though the RFID technology has a wide range of applications, the RFID communication system lacks effective security mechanism, has become the key factor of its large scale deployment of restriction and utilization.

Rfid system generally is made of three parts: label, reader and background data base, as shown in Figure 1.Wherein: back-end data base can be the Database Systems that run on any hardware platform, and the user can select according to actual needs voluntarily, and generally back-end data base has powerful calculating and storage capacity, and it is storing the information of all labels.Reader is actual to be a wireless transmit and a receiving equipment that has antenna, and its processing power, storage space are all bigger.Label is the microcircuit that has antenna, and label does not have microprocessor usually, only is made up of thousands of logic gates.Reader is called " forward channel " to the channel between the label, and label then is called " backward channel " to the channel between the reader.Because the wireless power difference of reader and label is very big, the communication range of forward channel is far longer than the communication range of backward channel.

Reader and background data base all have more intense computing power, and the Communication Security Problem between them can utilize ripe relatively computer network security mechanism to solve.For the ease of design and RFID system, suppose that usually the communication channel between label and the reader is unsafe, the communication channel between reader and the back-end data base then is safe.

A kind of fairly perfect rfid system solution should possess essential characteristics such as confidentiality, integrality and privacy.The confidentiality index is signed should not leak any sensitive information to the unauthorized reader, even the unauthorized reader intercepts the communication information, can't know the implication of information yet, only authorised reader energy identifying information; Integrality refers to that the information receiver can verify that the information of reception is not distorted; Privacy refers to prevent the user by real-time follow-up, with protection user's the privacy or the commercial interest of related economic entity.

Because the intrinsic fragility of radio communication itself, undelegated reader can read the relevant information of its reach interior label, gather with related by information to reach the purpose of obtaining consumer's privacy, so the safety of rfid system causes that people greatly pay close attention to.Simultaneously, because the storage and the computing power of low-cost label are limited, can not adopt existing ripe cryptographic algorithm and authentication mechanism.Therefore how under the situation of tag computation speed, communication capacity and limited storage space; design security mechanism preferably; security and privacy protecting are provided; prevent various malicious attacks; create a comparatively safe working environment for rfid system, be related to rfid system and can really move towards practical.

A kind of rfid system authentication technology scheme is the authentication based on the challenge-response method in the prior art, and concrete agreement flow process is referring to Fig. 2 and Fig. 3.

Implementation shown in Figure 2 is as follows:

(1) reader wakes up label;

(2) reader obtains key information, calculates to produce key key, specifically comprises:

1. the identifier ID of reader reading tag;

2. reader utilizes this sequence number ID to produce algorithm by the key of arranging in advance, utilizes ID to calculate the key key of this label;

(3) carry out the authentication of label to reader:

1. label sends random number R to reader _A

2. reader sends coded data packet Tokenl to label, and this packet comprises R _A' and another random number R _BTwo parts content; R wherein _A' be that communicating pair uses any one cryptographic algorithm e of agreement in advance _k, utilize key key to random number R _AThe data that obtain after encrypting, i.e. R _A'=e _k(key, R _A);

3. the random number R of label to receiving _A', use cryptographic algorithm e _k, utilize key key to random number R _AObtain R after encrypting _A", i.e. R _A"=e _k(key, R _A);

4. label compares R _A' and R _A', if equate, then reader is by authentication;

(4) carry out the authentication of reader, specifically comprise label:

1. label uses cryptographic algorithm e _k, utilize key key to the random number R among the packet Tokenl _BEncrypt and obtain R _B', label is with R _B' give reader as packet Token2 loopback;

2. reader uses cryptographic algorithm e _k, utilizing key key is R to random number _BObtain R after encrypting _B", R _B"=e _k(key, R _B);

3. reader compares R _B' and R _B", if equate, then label is by authentication;

It is similar with Fig. 2 that flow process is carried out in the authentication of Fig. 3, all is two-way authentication, and difference only is that the latter is that label authenticates reader earlier, and the former to be reader first that label is authenticated.

A kind of technical scheme of mutual authentication method of rfid system also is provided in the prior art, and concrete scheme as shown in Figure 4.

Initialization procedure is as follows: background data base is one group of data (EPC of each tag storage _x, K _Old, K _New, P _Old, P _New, DATA), one group of data (EPC of tag storage _x, K _{X_0}, P _{X_0}), through behind the i time success identity, each parametric representation of tag storage is (EPC _x, K _{X_i}, P _{X_i}).EPC _xThe expression label identifier, (K _{X_0}, K _{X_i}), (K _Old, K _New) the expression authenticate key, be used for rfid system is authenticated; (P _{X_0}, P _{X_i}), (P _Old, P _New) the expression access key, be used for rfid system is conducted interviews, wherein the PRNG among Fig. 4 represents pseudo-random function.

The i+1 time verification process is as follows:

(1) Reader → Tag: reader generates a random number R _r, and to label transmission inquiry authentication request, simultaneously with R _rSend to label.

(2) Tag → Reader → DataBase: label generates a random number R _t, and calculate ${\mathrm{<figure-callout\; id="1"\; label="M"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">M</figure-callout>}}_1=\mathrm{CRC}\left({\mathrm{EPC}}_x\left|\right|R_r\left|\right|R_t\right)\&CirclePlus;K_{x\_i}$ , wherein label is with (M ₁, R _t) send to reader, by reader with (M ₁, R _r, R _t) be transmitted to background data base.

(3) DataBase: in background data base with every group of (EPC _x, K _Old, K _New) authenticate key K _OldAnd K _NewDo following calculating: $I_{\mathrm{old}}={\mathrm{<figure-callout\; id="1"\; label="M"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">M</figure-callout>}}_1\&CirclePlus;K_{\mathrm{old}}$ With $I_{\mathrm{new}}={\mathrm{<figure-callout\; id="1"\; label="M"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">M</figure-callout>}}_1\&CirclePlus;K_{\mathrm{new}},$ And 1. whether the checking following formula set up:

I _OldOr I _New=CRC (EPC _x‖ R _r‖ R _t) 1.

If set up, then authentication is passed through and is continued; Otherwise, authentification failure and shut-down operation.

(4) DataBase → Reader → Tag: background data base is according to I _OldOr I _New(be K _OldOr K _New) in which authenticate key can make formula 1. become Rob Roy to select corresponding access key P for use _OldOr P _NewCalculate ${\mathrm{<figure-callout\; id="2"\; label="M"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">M</figure-callout>}}_2=\mathrm{CRC}\left({\mathrm{EPC}}_x\right|\left|R_t\right)\&CirclePlus;P_{\mathrm{old}}$ Or ${\mathrm{<figure-callout\; id="2"\; label="M"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">M</figure-callout>}}_2=\mathrm{CRC}\left({\mathrm{EPC}}_x\right|\left|R_t\right)\&CirclePlus;P_{\mathrm{new}},$ And key is carried out following renewal: authenticate key K _Old=K _New, K _New=PRNG (K _New); Access key P _Old=P _New, P _New=PRNG (P _New), and with M ₂And other parameters DATA of label issues reader, by reader with M ₂Label is given in forwarding.

(5) Tag: checking ${\mathrm{<figure-callout\; id="2"\; label="M"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">M</figure-callout>}}_2\&CirclePlus;P_{x\_i}=\mathrm{CRC}\left({\mathrm{EPC}}_x\right|\left|R_t\right)$ Whether set up, as setting up, then authentication is passed through, and key is carried out following renewal: authenticate key K _{X_i+1}=PRNG (K _{X_i}); Access key P _{X_i+1}=PRNG (P _{X_i}); Otherwise, authentification failure.

The inventor finds that there is following problem at least in the prior art in realizing process of the present invention:

Do not have dynamic I D flush mechanism in the authentication based on the challenge-response method of the prior art, just can palm off label in case the assailant has obtained the ID of label; And any reader sends and searches the ID that all may obtain label, and the assailant can follow the tracks of tag holder.Though and used dynamic refresh in the method based on two-way authentication, but there is the nonsynchronous problem of Data Update: do not upgrade successfully if label is double, when communicating by letter so next time, because the key of the key of storing in the label pair and background data base is not to matching, legal label can not be by authenticating.In the final step of authentication, if M ₂Intercepted and captured, the key of label is to (K _{X_i}, P _{X_i}) can not be upgraded in time, and the backstage database key is to (K _Old, P _Old), (K _New, P _New) upgrade, but this moment background data base two group key centerings, it is right to still have pair of secret keys can mate the key of label, if but M ₂Intercepted and captured above twice, this moment, background data base two group keys were to all upgrading, and the key of label is to still being updated, and not have the key that mates right between label and the background data base, thereby label and reader can not authenticate mutually when communicate by letter with next time.

Summary of the invention

Embodiments of the invention provide a kind of Wireless RFID system authentication method and equipment, are used for strengthening the security of existing radio frequency identification system authentication method.

For achieving the above object, embodiments of the invention provide the authentication method in a kind of wireless radio frequency discrimination RFID system, may further comprise the steps:

Receive the first tag identifier Information ID that first label sends;

Obtain first authentication content according to a described ID;

Described first authentication content comprises that the first sign-authenticate password of described first label is to right with the second sign-authenticate password, the described first sign-authenticate password is to comprising a described ID and the authenticate password P_key corresponding with a described ID, and the described second sign-authenticate password is to comprising the P_key of the 2nd ID and described the 2nd ID correspondence;

Send according to the P_key generation authentication information of a described ID and a described ID correspondence and to described first label;

Whether receive the smart-tag authentication information that the legal back of the described authentication information of described first smart-tag authentication sends, it is legal to authenticate described smart-tag authentication information;

When described smart-tag authentication information is legal, generate the P_key of the 3rd ID and the 3rd ID correspondence, replace described the 2nd ID in described first authentication content and the P_key of described the 2nd ID correspondence respectively according to the P_key of a described ID and a described ID correspondence.

Embodiments of the invention also provide the authentication method in a kind of wireless radio frequency discrimination RFID system, may further comprise the steps:

Send tag identifier ID to reader;

Whether when receiving the authentication information that described reader sends according to described ID, it is legal to authenticate described authentication information;

When described authentication information is legal, generates smart-tag authentication information and send to described reader;

When receiving described reader to the affirmation of described smart-tag authentication information, the authentication information that sends according to described reader generate new ID and with the described new corresponding new authenticate password P_key of ID.

Embodiments of the invention also provide a kind of authenticating device, are used for the smart-tag authentication of rfid system, comprising:

The sign acquiring unit receives the first tag identifier Information ID that first label sends; Obtain first authentication content according to a described ID;

The sign maintenance unit, be used to store first authentication content, described first authentication content comprises that the first sign-authenticate password of described first label is to right with the second sign-authenticate password, the described first sign-authenticate password is to comprising a described ID and the authenticate password P_key corresponding with a described ID, and the described second sign-authenticate password is to comprising the P_key of the 2nd ID and described the 2nd ID correspondence;

The authentication information generation unit sends according to the P_key generation authentication information of a described ID and a described ID correspondence and to described first label;

Smart-tag authentication authentification of message unit receives the smart-tag authentication information that the legal back of the described authentication information of described first smart-tag authentication sends, and whether authenticate described smart-tag authentication information legal;

The identification renewal unit, when described smart-tag authentication information is legal, generate the P_key of the 3rd ID and the 3rd ID correspondence according to the P_key of a described ID and a described ID correspondence, replace described the 2nd ID in described first authentication content and the P_key of described the 2nd ID correspondence respectively.

Embodiments of the invention also provide a kind of labeling apparatus, comprise;

The sign transmitting element is used for sending tag identifier ID to reader;

The authentication information authentication ' unit, whether when being used to receive the authentication information that described reader sends according to described ID, it is legal to authenticate described authentication information;

The smart-tag authentication information generating unit is used in described authentication information authentication ' unit when to authenticate described authentication information be legal, generates smart-tag authentication information and sends to described reader;

The identification renewal unit, when being used to receive described reader to the affirmation of described smart-tag authentication information, the authentication information that sends according to described reader generate new ID and with the described new corresponding new authenticate password P_key of ID.

Embodiments of the invention also provide a kind of Verification System, are used for the smart-tag authentication of rfid system, comprising:

Reader, be used for ID according to the label transmission, obtain the information of the label that has the ID consistent in the memory contents with the ID of described label transmission, two sign-authentication informations that comprise described label in the described memory contents are right, each described sign-authentication information is to the sign ID that comprises described label and the authenticate password P_key corresponding with described ID, ID and P_key that of described two sign-authentication information centerings upgrades when comprising the last authentication success of described label; ID according to described unanimity sends with corresponding P_key generation authentication information and to described label; Whether receive the smart-tag authentication information that the legal back of the described authentication information of described smart-tag authentication sends, it is legal to authenticate described smart-tag authentication information; When described smart-tag authentication information is legal, generate new ID and new P_key according to the ID of described unanimity and corresponding P_key, replace the inconsistent ID of ID and the corresponding P_key of described inconsistent ID that send with described label that from described memory contents, get access to label;

Label is used for sending tag identifier ID to reader; Whether when receiving the authentication information that described reader sends according to described ID, it is legal to authenticate described authentication information; When described authentication information is legal, generates smart-tag authentication information and send to described reader; When receiving described reader to the affirmation of described smart-tag authentication information, the authentication information that sends according to described reader generate new ID and with the described new corresponding new authenticate password P_key of ID.

Compared with prior art, embodiments of the invention have the following advantages:

More newly arrive by ID and to guarantee the anonymity of label, in addition by right in the sign of reader side's storage tags, and each reader side only upgrade in its label identifier, the authenticate password with label in unmatched part, cause label not upgrade even abnormal conditions therefore occur repeatedly, but since before communicate in the list that employed sign also is kept at reader side, so label still can with the upright normal open letter of credible reader, can't be and legal label can not occur by the system exception of authentication and identification.Solved the asynchronous problem of Data Update that adopts the ID flush mechanism to cause easily in the general RFID air interface protocol.

Description of drawings

Fig. 1 is that rfid system is formed synoptic diagram in the prior art;

Fig. 2 is a kind of challenge-response agreement process flow diagram in the prior art;

Fig. 3 is an another kind of challenge-response agreement process flow diagram in the prior art;

Fig. 4 is a rfid system mutual authentication method process flow diagram in the prior art;

Fig. 5 is the process flow diagram of authentication method in the embodiments of the invention;

Fig. 6 is the structural representation of Verification System in the embodiments of the invention.

Embodiment

Below in conjunction with drawings and Examples, embodiments of the present invention are described further.

Embodiments of the invention provide a kind of authentication method, guarantee the anonymity of label by all ID more being newly arrived in each authentication, and by (ID at reader side's storage tags, P_key) right, and each reader side only upgrades wherein content inconsistent (ID, P_key) part that sends with label.Therefore when guaranteeing anonymity, cause label not upgrade, but owing to communicated last time in the list that employed sign also is kept at reader side even abnormal conditions occur repeatedly, thus label still can with the upright normal open letter of credible reader.

Embodiments of the invention are used for determine authentication between reader (Reader) and the label (Tag) of rfid system, mainly solving between reader and the label is the Communication Security Problem of air interface part, does not consider for the communication process between reader and the background data base.Therefore, will all be called the data that reader side sends from the data that reader spreads out of in the present embodiment, and these data of specifically not touching upon be handle by reader or handle by background data base.Before authentication is carried out, need carry out initialization respectively at the label in reader side and the system, concrete initialization is as follows:

Label (Tag): be provided with among the Tag and can write the memory block, write Tag and label ID and authenticate password P_key respectively, with ID as call number.In below describing, be that 96-bit, label identifier ID length are that 64-bit, authenticate password P_key length are that 32-bit is an example can write memory block length, this concrete numerical value can be adjusted as required.For the precise figures information in the present embodiment, just this programme is for convenience of explanation and as a kind of expression of embodiment, and is not used in the protection domain that limits the embodiment of the invention, and any modification in number is also in the protection domain of the embodiment of the invention.

Reader (Reader) side: there is a list that comprises all labels in the system reader side, two sign-authentication informations that comprise described label in the memory contents are right, each described sign-authentication information is to the sign ID that comprises described label and the authenticate password P_key corresponding with described ID, ID and P_key that of described two sign-authentication information centerings upgrades when comprising the last authentication success of described label.For example: include (ID in the list of each label ₀, P_key ₀, ID ₁, P_key ₁, Data).ID during initialization ₀=ID, P_key ₀=P_key, ID ₁, P_key ₁Middle filling 0.ID wherein ₀, ID ₁Be label identifier, as call number; P_key ₀, P_key ₁Be authenticate password, Data is the private information data of label, as the data of needs to be keep secret such as price of goods, the goods place of production.

Authentication method in the embodiment of the invention may further comprise the steps as shown in Figure 5, and wherein the cyclic redundancy check (CRC) that adopts among the embodiment is CRC (Cyclic Redundancy Check, cyclic redundancy check (CRC))-16:

Step s501, reader send the Command order to label.

Step s502, label are to reader response (ID, CRC (ID)).

In this step, whether CRC (ID) is used for verification ID and makes a mistake in transmission course.

Step s503, reader send authentication information to label.

In the example of this step, calculate CRC (ID) earlier and be free from mistakes with verification ID transmission course reader side, if be free from mistakes, then begins query and search row ID0 and ID1 in database, as long as inquire the ID of certain row ₀Or ID ₁Equal ID and (be designated as ID _x, x=1 or 0), then get access to corresponding P_key _x

Reader side obtains random number R ₁, R ₂(can be that reader produces, also can be that background data base produces), wherein R ₁, R ₂Can be the random number of 32-bit.Calculate:

$A=\mathrm{CRC}(P\_{\mathrm{key}}_x\&CirclePlus;{\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_1\&CirclePlus;R_2),$

$B=f({\mathrm{ID}}_x,32)\&CirclePlus;P\_{\mathrm{key}}_x\&CirclePlus;{\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_1,$

$C={\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_1\&CirclePlus;{\mathrm{<figure-callout\; id="2"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_2,$

Note M=A ‖ B ‖ C.

Wherein, ‖ is the related symbol of character string, f (ID _x, 32) represent from ID _x(can be preceding 32 bits, also can be 32 bits of back 32 bits or center section therefrom to extract arbitrarily 32 bits.Abstracting method, present embodiment are not stipulated, as long as the extraction scheme of label and reader is consistent);

Afterwards, reader side sends authentication information (M, CRC (M)), and wherein whether CRC (M) is used for verification M and makes a mistake in transmission course.

The authentication information that step s504, smart-tag authentication reader send, and when authentication success, send the smart-tag authentication information of label-side to reader.

In the example of this step, the verification M of label elder generation if be free from mistakes, then begins to calculate:

${\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_1=f(\mathrm{ID},32)\&CirclePlus;P\_\mathrm{key}\&CirclePlus;B,$

${\mathrm{<figure-callout\; id="2"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_2=\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}1\&CirclePlus;C,$

$A^{,}=\mathrm{CRC}(P\_\mathrm{key}\&CirclePlus;{\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_1\&CirclePlus;R_2),$

If A '=A, then label thinks that reader side is believable, and label sends afterwards $(D=\mathrm{CRC}(P\_\mathrm{key}\&CirclePlus;R_1),\mathrm{CRC}\left(D\right))$ Give reader side; If A ' ≠ A, authentification failure, label stop response.

The authentication information of step s505, reader side's authenticating tag side upgrades label during authentication success.

In this step, whether calculate CRC (D) earlier and make mistakes with verification D transmission course reader side, if be free from mistakes, begins to calculate $D^{,}=\mathrm{CRC}(P\_{\mathrm{key}}_x\&CirclePlus;R_1),$ If D '=D thinks that then label is legal;

Reader side upgrades the ID of label afterwards:

$P\_{\mathrm{key}}_{1-x}=P\_{\mathrm{key}}_{n+1}=P\_{\mathrm{key}}_x\&CirclePlus;({\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_1\&CirclePlus;R_2),$

Be reader side upgrade in its label identifier, the authenticate password with label in unmatched that part of; Send OK simultaneously to label.

Step s506, label are received and are upgraded local ident behind the OK:

$P\_{\mathrm{key}}_{n+1}=P\_{\mathrm{key}}_x\&CirclePlus;({\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_1\&CirclePlus;R_2).$

The method that the embodiment of the application of the invention provides, finish and once authenticate and upgrade, label only need carry out 13 XORs and 6 CRC-16 (wherein be used for for 3 times verification communicate by letter whether make mistakes), and do not adopt the higher cipher mechanism of cost comparatively speaking such as hash algorithm, symmetric encipherment algorithm, the tag computation burden is less, be suitable for being applied in the low-cost label, certainly on concrete verification mode, can also use other formula or computing method, be not limited to the scope that the foregoing description is described.Also have following beneficial effect in addition:

(1) anonymity of label

Though as long as reader inquiry label all can send identifier ID, because ID will upgrade after authentication was finished at every turn

The assailant can't extrapolate their middle contacts according to a large amount of different ID that obtains, thereby also can't follow the tracks of same label, so label has good anonymity.

(2) data confidentiality

Confidential data Data is kept at back-end data base, only has the label identifier ID as index on the label, and label identifier ID authenticated and can upgrade at every turn, in addition when the smart-tag authentication reader, and the data M of transmission=A ‖ B ‖ C, wherein $A=\mathrm{CRC}(P\_{\mathrm{key}}_x\&CirclePlus;{\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_1\&CirclePlus;R_2),$ $B=f({\mathrm{ID}}_x,32)\&CirclePlus;P\_{\mathrm{key}}_x\&CirclePlus;{\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_1,$ $C={\mathrm{<figure-callout\; id="1"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_1\&CirclePlus;{\mathrm{<figure-callout\; id="2"\; label="R"\; filenames="A200810001414E00232.png"\; state="\{\{state\}\}">R</figure-callout>}}_2,$ Authenticate password P_key when calculating A _x, random number R ₁, R ₂Through having carried out CRC again behind the XOR, because the one-way of CRC function, reasonablely them have been hidden; When calculating B, C, also used XOR to come hiding data.

(3) data integrity

The data of communicating by letter between label and the reader side have all comprised the CRC check value, if data transmission procedure makes a mistake or the assailant revises wherein some data, the take over party can find mistake by doing CRC check

(4) two-way authentication

In the embodiments of the invention, advanced rower is signed the authentication (process step s504) to reader, in case unauthorized reading; Carried out the authentication (process step s505) of reader again, confirmed the legitimacy of label label

(5) forward security

Suppose that label has leaked information, promptly the assailant can obtain the data of label (ID P_key), is updated to because ID has authenticated at every turn

Monitor in the communication process before adding (M, D) value is because random number R ₁R2 is different ninety-nine times out of a hundred, and all pass through XOR in each communication process or the CRC computing has been hidden, the assailant can't learn, so the assailant still can't follow the trail of label according to the bulk information of label information of revealing and eavesdropping in the past, so embodiments of the invention have good forward security.

(6) anti-man-in-the-middle attack

Because P_key and R ₁, R ₂Carried out CRC computing and XOR repeatedly, the assailant is difficult to decrypt P_key, and does not decipher P_key, only can't successfully carry out man-in-the-middle attack according to an ID who intercepts.

(7) preventing playback attack

Because the message that has adopted random number, assailant to reset the last time eavesdropping or intercept and capture is not upgraded success even if go up secondary label, the outline that passes through when the step s505 reader of authentication authenticates label is zero no better than, because the message of resetting is $(D=\mathrm{CRC}(P\_\mathrm{key}\&CirclePlus;R_1),\mathrm{CRC}\left(D\right)),$ R1 wherein is random number, this time R ₁With a preceding R ₁The probability that equates is almost nil, so embodiments of the invention can well be resisted Replay Attack.

(8) data synchronization problems

Existing RFID security mechanism based on cryptographic technique roughly can be divided into two big classes: static ID mechanism and dynamic I D flush mechanism.So-called " static ID mechanism " is exactly that the sign of Tag remains unchanged, " dynamic I D flush mechanism " then be Tag sign along with each time between Tag and the Tag reader alternately and dynamic change.When adopting dynamic I D flush mechanism, a very important problem is exactly " data synchronization problems ", that is to say, the sign that the Tag sign that reader side preserved must and be stored among the Tag refreshes synchronously, otherwise, authenticate next time legal Tag just may appear in the identifying and can't be by the system exception of authentication and identification.

In an embodiment of the present invention, in the label data table of reader side's storage, comprise (ID ₀, P_key ₀, ID ₁, P_key ₁), and when upgrading at every turn, reader side always upgrade in its label identifier, the authenticate password with label in unmatched that part of (ID _1-x, P_key _1-x), promptly this and label successfully carry out employed label identifier of two-way authentication and authenticate password (ID _x, P_key _x) still be retained in the list, if step s505 step " OK " victim is intercepted and captured or because other reason label does not upgrade success in this communication, following secondary label still can with the upright normal open letter of credible reader.And, cause label not upgrade even if abnormal conditions occur repeatedly, but because the ID that communicated last time _xAnd P_key _xAlso be kept in the list of reader side, thus label still can with the upright normal open letter of credible reader, can't be and legal label can not occur by the system exception of authentication and identification.

Embodiments of the invention also provide a kind of Verification System, are used for the smart-tag authentication of rfid system, as shown in Figure 6, comprising: authenticating device 10 and label 20, and 10 pairs of labels 20 of authenticating device authenticate, and both sides finish the renewal that laggard rower is signed ID in authentication.

Concrete, authenticating device 10 further comprises:

Sign maintenance unit 11, be used to store first authentication content, described first authentication content comprises that the first sign-authenticate password of described first label is to right with the second sign-authenticate password, the described first sign-authenticate password is to comprising a described ID and the authenticate password P_key corresponding with a described ID, and the described second sign-authenticate password is to comprising the P_key of the 2nd ID and described the 2nd ID correspondence;

Sign acquiring unit 12 is used to receive the first tag identifier Information ID that first label sends; Obtain first authentication content according to a described ID;

Authentication information generation unit 13 is used for sending according to the P_key generation authentication information of a described ID and a described ID correspondence and to described first label; Described authentication information generation unit 13 is specially, and first authentication information generates subelement, is used for generating authentication information according to one or more of the P_key of a described ID, a described ID correspondence and the random number obtained according to preset rule.

Smart-tag authentication authentification of message unit 14 is used to receive the smart-tag authentication information that the legal back of the described authentication information of described first smart-tag authentication sends, and whether authenticate described smart-tag authentication information legal; Described smart-tag authentication authentification of message unit 14 is specially, be used for ID, P_key and random number according to described first label of this locality storage, compare according to preset rule generation authentication information and the described smart-tag authentication information that receives from label, comparative result authenticates described label transmission when being identical smart-tag authentication information is legal.

Identification renewal unit 15, be used for described smart-tag authentication information when legal, generate the P_key of the 3rd ID and the 3rd ID correspondence according to the P_key of a described ID and a described ID correspondence, replace described the 2nd ID in described first authentication content and the P_key of described the 2nd ID correspondence respectively.Described identification renewal unit 15 is specially, the first identification renewal subelement, be used for according to one or more of the authenticate password P_key of a described ID, a described ID correspondence and the random number obtained, generate the P_key of the 3rd ID and the 3rd ID correspondence according to preset rule, replace described the 2nd ID in described first authentication content and the P_key of described the 2nd ID correspondence.

Also comprise:

Initialization unit 16, be used for when the initialization of rfid system sign maintenance unit 11 being carried out initialization, the sign ID that stores for each label 20 after 11 initialization of sign maintenance unit is to comprising: the initial ID of label 20 and arbitrary other values all different with other labels ID.

Check code authentication ' unit 17 when being used to receive ID that label 10 sends and/or smart-tag authentication information, authenticates the check code that receives simultaneously, authenticates described ID and/or whether smart-tag authentication information makes a mistake in transmission course.

Check code generation unit 18, be used for authentication information generation unit 13 with authentication information when label 20 sends, generate authentication information corresponding check sign indicating number and send to label 20.

Concrete, labeling apparatus 20 further comprises:

Sign transmitting element 21 is used for the ID to authenticating device 10 these labels of transmission;

Authentication information authentication ' unit 22, whether when being used to receive the authentication information of authenticating device 10 transmissions, it is legal to authenticate described authentication information; Described authentication information authentication ' unit 22 is specially: the first authentication information authentication ' unit, be used for the authenticate password P_key of the ID according to this label, described ID correspondence and from the random number that described authentication information obtains one or more, compare according to preset rule generation authentication information and the described authentication information that receives from reader, comparative result authenticates described reader transmission when being identical authentication information is legal.

Smart-tag authentication information generating unit 23 is used at these authentication informations of authentication information authentication ' unit 22 authentication when being legal, generates smart-tag authentication information and sends to authenticating device 10; Described smart-tag authentication information generating unit 23 is specially, the first smart-tag authentication information generating unit, be used for one or more of the random number obtained according to the authenticate password P_key of described ID, described ID correspondence and from described authentication information, generate smart-tag authentication information and send to described reader according to preset rule.

Identification renewal unit 24, when being used to receive the affirmation of 10 pairs of these smart-tag authentication information of authenticating device, the authentication information that sends according to authenticating device 10 generates new ID and corresponding P_key.Described identification renewal unit 24 is specially, the first identification renewal unit, one or more of the random number that is used for the authenticate password P_key of the ID according to this label, described ID correspondence and obtains from described authentication information generate new ID according to preset rule; Generate the new authenticate password P_key of described new ID correspondence according to preset rule.

Also comprise:

Whether check code authentication ' unit 25 when being used to receive the authentication information of authenticating device 10 transmissions, authenticates the check code that receives simultaneously, authenticate this authentication information and make a mistake in transmission course.

Check code generation unit 26 is used for when ID that sends these labels to authenticating device 10 and/or smart-tag authentication information, generates the ID of described label and/or smart-tag authentication information corresponding check sign indicating number and to authenticating device 10 transmissions.

The said system and the equipment that provide by the embodiment of the invention, more newly arrive by ID and to guarantee the anonymity of label, and by right in the sign of reader side's storage tags, and each reader side only upgrades its label identifier, in the authenticate password with label in unmatched that part of, even cause label not upgrade so abnormal conditions occur repeatedly, but owing to communicated last time in the list that employed sign also is kept at reader side, so label still can with the upright normal open letter of credible reader, can't be and legal label can not occur by the system exception of authentication and identification.Solved the asynchronous problem of Data Update that adopts the ID flush mechanism to cause easily in the general RFID air interface protocol.

Through the above description of the embodiments, those skilled in the art can be well understood to the present invention and can realize by the mode that software adds essential general hardware platform, can certainly pass through hardware, but the former is better embodiment under a lot of situation.Based on such understanding, the part that technical scheme of the present invention contributes to prior art in essence in other words can embody with the form of software product, this computer software product is stored in the storage medium, comprises that some instructions are used so that an equipment is carried out the described method of each embodiment of the present invention.

More than disclosed only be several specific embodiment of the present invention, still, the present invention is not limited thereto, any those skilled in the art can think variation all should fall into protection scope of the present invention.

Claims (20)

1, the authentication method in a kind of wireless radio frequency discrimination RFID system is characterized in that, may further comprise the steps:

Receive the first tag identifier Information ID that first label sends;

Obtain first authentication content according to a described ID;

Described first authentication content comprises that the first sign-authenticate password of described first label is to right with the second sign-authenticate password, the described first sign-authenticate password is to comprising a described ID and the authenticate password P_key corresponding with a described ID, and the described second sign-authenticate password is to comprising the P_key of the 2nd ID and described the 2nd ID correspondence;

Send according to the P_key generation authentication information of a described ID and a described ID correspondence and to described first label;

Whether receive the smart-tag authentication information that the legal back of the described authentication information of described first smart-tag authentication sends, it is legal to authenticate described smart-tag authentication information;

When described smart-tag authentication information is legal, generate the P_key of the 3rd ID and the 3rd ID correspondence, replace described the 2nd ID in described first authentication content and the P_key of described the 2nd ID correspondence respectively according to the P_key of a described ID and a described ID correspondence.

2, the authentication method in the rfid system according to claim 1 is characterized in that, the first sign-authenticate password of described first label that comprises in described first authentication content to the second sign-authenticate password to being respectively when the rfid system initialization:

The initial ID of label, with the corresponding P_key of described initial ID; And

Be initialized as the ID and the P_key that be initialized as certain value corresponding of certain value with described ID.

3, the authentication method in the rfid system according to claim 1 is characterized in that, generates authentication information and send to described first label according to the P_key of a described ID and a described ID correspondence to be specially:

According in the P_key of a described ID, a described ID correspondence and the random number obtained one or more, generate authentication information according to preset rule;

Described authentication information is sent to described label.

4, the authentication method in the rfid system according to claim 1 is characterized in that, and is described when receiving the smart-tag authentication information that the legal back of the described authentication information of described first smart-tag authentication sends, and authenticates whether legal being specially of described smart-tag authentication information:

Receive described first label according to the P_key of a described ID, a described ID correspondence and the smart-tag authentication information of one or more generations in the random number;

ID, P_key and random number according to described first label of this locality storage, compare according to preset rule generation authentication information and the described smart-tag authentication information that receives from label, comparative result authenticates described label transmission when being identical smart-tag authentication information is legal.

5, the authentication method in the rfid system according to claim 1, it is characterized in that, described P_key according to a described ID and a described ID correspondence generates the P_key of the 3rd ID and the 3rd ID correspondence, replaces described the 2nd ID in described first authentication content and the P_key of described the 2nd ID correspondence respectively and is specially:

According in the authenticate password P_key of a described ID, a described ID correspondence and the random number obtained one or more, generate the P_key of the 3rd ID and the 3rd ID correspondence according to preset rule, replace described the 2nd ID in described first authentication content and the P_key of described the 2nd ID correspondence.

6, the authentication method in the rfid system according to claim 1 is characterized in that, when described smart-tag authentication information is legal, also comprises:

To the affirmation message of described label transmission to described smart-tag authentication information.

7, the authentication method in a kind of wireless radio frequency discrimination RFID system is characterized in that, may further comprise the steps:

Send tag identifier ID to reader;

Whether when receiving the authentication information that described reader sends according to described ID, it is legal to authenticate described authentication information;

When described authentication information is legal, generates smart-tag authentication information and send to described reader;

When receiving described reader to the affirmation of described smart-tag authentication information, the authentication information that sends according to described reader generate new ID and with the described new corresponding new authenticate password P_key of ID.

8, as the authentication method in the rfid system as described in the claim 7, it is characterized in that, during authentication information that described reception reader sends, authenticate whether legal being specially of described authentication information:

According in the authenticate password P_key of the ID of this label, described ID correspondence and the random number from described authentication information, obtained one or more, compare according to preset rule generation authentication information and the described authentication information that receives from reader, comparative result authenticates described reader transmission when being identical authentication information is legal.

9, as the authentication method in the rfid system as described in the claim 7, it is characterized in that, when described authentication information is legal, generates smart-tag authentication information and send and be specially to described reader:

According to the authenticate password P_key of described ID, described ID correspondence and from the random number that described authentication information obtains one or more, generate smart-tag authentication information and send to described reader according to preset rule.

10, as the authentication method in the rfid system as described in the claim 7, it is characterized in that, described when receiving reader to the affirmation of described smart-tag authentication information, the authentication information that sends according to described reader generates new ID and the new P_key corresponding with described new ID is specially:

According to the authenticate password P_key of the ID of this label, described ID correspondence and from the random number that described authentication information obtains one or more, generate new ID according to preset rule;

Generate the new authenticate password P_key of described new ID correspondence according to preset rule.

11, a kind of authenticating device is used for the smart-tag authentication of rfid system, it is characterized in that, comprising:

The sign acquiring unit receives the first tag identifier Information ID that first label sends; Obtain first authentication content according to a described ID;

The sign maintenance unit, be used to store first authentication content, described first authentication content comprises that the first sign-authenticate password of described first label is to right with the second sign-authenticate password, the described first sign-authenticate password is to comprising a described ID and the authenticate password P_key corresponding with a described ID, and the described second sign-authenticate password is to comprising the P_key of the 2nd ID and described the 2nd ID correspondence;

The authentication information generation unit sends according to the P_key generation authentication information of a described ID and a described ID correspondence and to described first label;

Smart-tag authentication authentification of message unit receives the smart-tag authentication information that the legal back of the described authentication information of described first smart-tag authentication sends, and whether authenticate described smart-tag authentication information legal;

The identification renewal unit, when described smart-tag authentication information is legal, generate the P_key of the 3rd ID and the 3rd ID correspondence according to the P_key of a described ID and a described ID correspondence, replace described the 2nd ID in described first authentication content and the P_key of described the 2nd ID correspondence respectively.

12, as authenticating device as described in the claim 11, it is characterized in that, also comprise:

Initialization unit is used for when the initialization of rfid system described sign maintenance unit being carried out initialization, will be initialized as respectively for the two couples of ID and the P_key corresponding with described ID of each tag storage in the described sign maintenance unit:

The initial ID of label, with the corresponding P_key of described initial ID; And

Be initialized as the ID and the P_key that be initialized as certain value corresponding of certain value with described ID.

13, as authenticating device as described in the claim 11, it is characterized in that, described authentication information generation unit is specially, first authentication information generates subelement, be used for generating authentication information according to preset rule according to one or more of the P_key of a described ID, a described ID correspondence and the random number obtained.

14, as authenticating device as described in the claim 11, it is characterized in that, described smart-tag authentication authentification of message unit is specially, the first smart-tag authentication authentification of message subelement, be used for ID, P_key and random number according to described first label of this locality storage, compare according to preset rule generation authentication information and the described smart-tag authentication information that receives from label, comparative result authenticates described label transmission when being identical smart-tag authentication information is legal.

15, as authenticating device as described in the claim 11, it is characterized in that, described identification renewal unit is specially, the first identification renewal subelement, be used for according to one or more of the authenticate password P_key of a described ID, a described ID correspondence and the random number obtained, generate the P_key of the 3rd ID and the 3rd ID correspondence according to preset rule, replace described the 2nd ID in described first authentication content and the P_key of described the 2nd ID correspondence.

16, a kind of labeling apparatus is characterized in that, comprising:

The sign transmitting element is used for sending tag identifier ID to reader;

The authentication information authentication ' unit, whether when being used to receive the authentication information that described reader sends according to described ID, it is legal to authenticate described authentication information;

The smart-tag authentication information generating unit is used in described authentication information authentication ' unit when to authenticate described authentication information be legal, generates smart-tag authentication information and sends to described reader;

The identification renewal unit, when being used to receive described reader to the affirmation of described smart-tag authentication information, the authentication information that sends according to described reader generate new ID and with the described new corresponding new authenticate password P_key of ID.

17, as labeling apparatus as described in the claim 16, it is characterized in that, described authentication information authentication ' unit is specially: the first authentication information authentication ' unit, be used for the authenticate password P_key of the ID according to this label, described ID correspondence and from the random number that described authentication information obtains one or more, compare according to preset rule generation authentication information and the described authentication information that receives from reader, comparative result authenticates described reader transmission when being identical authentication information is legal.

18, as labeling apparatus as described in the claim 16, it is characterized in that, described smart-tag authentication information generating unit is specially, the first smart-tag authentication information generating unit, be used for one or more of the random number obtained according to the authenticate password P_key of described ID, described ID correspondence and from described authentication information, generate smart-tag authentication information and send to described reader according to preset rule.

19, as labeling apparatus as described in the claim 16, it is characterized in that, described identification renewal unit is specially, the first identification renewal unit, one or more of the random number that is used for the authenticate password P_key of the ID according to this label, described ID correspondence and obtains from described authentication information generate new ID according to preset rule; Generate the new authenticate password P_key of described new ID correspondence according to preset rule.

20, a kind of Verification System is used for the smart-tag authentication of rfid system, it is characterized in that, comprising:

Reader, be used for ID according to the label transmission, obtain the information of the label that has the ID consistent in the memory contents with the ID of described label transmission, two sign-authentication informations that comprise described label in the described memory contents are right, each described sign-authentication information is to the sign ID that comprises described label and the authenticate password P_key corresponding with described ID, ID and P_key that of described two sign-authentication information centerings upgrades when comprising the last authentication success of described label; ID according to described unanimity sends with corresponding P_key generation authentication information and to described label; Whether receive the smart-tag authentication information that the legal back of the described authentication information of described smart-tag authentication sends, it is legal to authenticate described smart-tag authentication information; When described smart-tag authentication information is legal, generate new ID and new P_key according to the ID of described unanimity and corresponding P_key, replace the inconsistent ID of ID and the corresponding P_key of described inconsistent ID that send with described label that from described memory contents, get access to label;

Label is used for sending tag identifier ID to reader; Whether when receiving the authentication information that described reader sends according to described ID, it is legal to authenticate described authentication information; When described authentication information is legal, generates smart-tag authentication information and send to described reader; When receiving described reader to the affirmation of described smart-tag authentication information, the authentication information that sends according to described reader generate new ID and with the described new corresponding new authenticate password P_key of ID.

Images