CN102567760A - One-way function-based dynamic password read-write control RFID (Radio Frequency Identification) - Google Patents
Abstract
The invention relates to one-way function-based dynamic password read-write control RFID (Radio Frequency Identification), which comprises a reader-writer and an electronic tag, wherein a true random number generator and a one-way function-based dynamic password generation module (secret information s_message is built in the modules) are built in both the reader-writer and the electronic tag. The reader-writer can be used for performing read/write operation on the electronic tag only after two parties are mutually authenticated; meanwhile, a random initial value (random data) is also negotiated by mutual authentication. During read/write operation, the reader-writer generates a password of a next round by using a dynamic password of a previous round and the s_message and transmits the password along with a read/write instruction to the electronic tag. After being received by the tag, the password is compared with that generated by the dynamic password generation module; and only when the passwords are consistent, data read/write can be executed. The dynamic password generated by the dynamic password module each round and consisting of the secret information, the random initial value and one-way function cannot be predicted. Thus, dynamic password read/write control of the electronic tag is realized.
Description
Technical field
The present invention relates to RFID technology, and specifically to read-write control technology for RFID.
Background technology
Radio frequency identification (RFID) is a contactless automatic identification technology. Its basic principle is to use radio-frequency signals and their spatial coupling and transmission characteristics to identify an object automatically. An RFID system generally consists of a reader-writer and an electronic tag. The electronic tag stores data about the associated object; the reader-writer reads the data in the electronic tag without contact within a certain range (the read operation) and can write the processed data back into the electronic tag (the write operation).
As an emerging technology, RFID is already widely used in warehouse management, parking-lot management, anti-theft systems, animal management and similar areas. As RFID technology develops further, its fields of application will keep widening. Many of these fields place strict requirements on data security, so the data security of RFID systems is receiving more and more attention.
At present, RFID read-write control takes place only after the reader-writer and the electronic tag have authenticated each other. Once they have, the reader-writer only needs to send a read instruction or a write instruction to the electronic tag; the electronic tag does not authenticate the instruction again, and the reader-writer can read or modify the data on the electronic tag. The security of existing RFID systems is therefore relatively poor: they are easily cracked by criminals, who modify the data on the electronic tag and cause economic loss.
Summary of the invention
To overcome the deficiencies of the prior art, the object of the invention is to provide a secure RFID with dynamic password read-write control based on a one-way function.
To achieve this object, the invention adopts the following technical solution:
An RFID with dynamic password read-write control based on a one-way function comprises a reader-writer A and an electronic tag B, characterized in that reader-writer A and electronic tag B each have a built-in true random number generator and a dynamic password module based on a one-way function, and both store the same secret information. If and only if reader-writer A and electronic tag B have authenticated each other can the following steps be carried out: reader-writer A and electronic tag B negotiate a random initial value, denoted randomdata, and set the current dynamic password of reader-writer A to password_A = randomdata and the current dynamic password of electronic tag B to password_B = randomdata. randomdata is generated by the true random number generator. At this point the values of password_A and password_B are the value of the initial dynamic password. Read or write operations are then carried out according to the following steps.
Reader-writer A and electronic tag B carry out a write operation:
(1) Let the previous round's output of reader-writer A's dynamic password module be password_A (if reader-writer A is carrying out its first write operation, password_A is randomdata). Reader-writer A runs the dynamic password module to generate the new dynamic password password_A' = OneWayFunc(password_A, s_message);
(2) Reader-writer A sends a write instruction to electronic tag B; the data function of the write instruction is WriteData(password_A', offset_W, data, len_W);
(3) Electronic tag B receives the write instruction;
(4) Let the previous round's output of electronic tag B's dynamic password module be password_B (if electronic tag B is carrying out its first write operation, password_B is randomdata). Electronic tag B runs the dynamic password module to generate the new dynamic password password_B' = OneWayFunc(password_B, s_message);
(5) Electronic tag B compares the values of password_A' and password_B'. If password_A' = password_B', it executes the write instruction, where offset_W is the start offset at which electronic tag B executes this write instruction, data is the data that reader-writer A writes to electronic tag B, and len_W is the length of the data that reader-writer A writes to electronic tag B; otherwise it ignores the write instruction.
Reader-writer A and electronic tag B carry out a read operation:
(1) Let the previous round's output of reader-writer A's dynamic password module be password_A (if reader-writer A is carrying out its first read operation, password_A is randomdata). Reader-writer A runs the dynamic password module to generate the new dynamic password password_A' = OneWayFunc(password_A, s_message);
(2) Reader-writer A sends a read instruction to electronic tag B; the data function of the read instruction is ReadData(password_A', offset_R, len_R);
(3) Electronic tag B receives the read instruction;
(4) Let the previous round's output of electronic tag B's dynamic password module be password_B (if electronic tag B is carrying out its first read operation, password_B is randomdata). Electronic tag B runs the dynamic password module to generate the new dynamic password password_B' = OneWayFunc(password_B, s_message);
(5) Electronic tag B compares the values of password_A' and password_B'. If password_A' = password_B', it executes the read instruction, where offset_R is the start offset at which electronic tag B executes this read instruction and len_R is the length of the data that reader-writer A reads from electronic tag B; otherwise it ignores the read instruction.
Wherein:
s_message is the secret information of reader-writer A and electronic tag B;
OneWayFunc(password_A, s_message) means that the one-way function module performs one one-way function operation on password_A under the action of s_message;
OneWayFunc(password_B, s_message) means that the one-way function module performs one one-way function operation on password_B under the action of s_message.
Preferably, the data lengths of randomdata, password_A, password_B, password_A', password_B' and s_message are natural numbers greater than 0.
The invention has the following beneficial effects: because the initial dynamic password randomdata is generated by a true random number generator and s_message is secret information kept strictly confidential, the dynamic password generated in each round by the dynamic password module, which is formed from the secret information, the random initial value and the one-way function, is unpredictable, which prevents replay attacks. Whenever the reader-writer performs a read/write operation on the electronic tag, the electronic tag verifies the password_A' data in the instruction data, thereby realizing dynamic password read/write control after the electronic tag's authentication, with high security.
Description of drawings
Fig. 1 is a structural diagram of the RFID with dynamic password read-write control based on a one-way function according to an embodiment of the invention;
Fig. 2 is a flow chart of the read/write operation of the RFID with dynamic password read-write control based on a one-way function according to an embodiment of the invention.
Embodiment
The invention is further described below with reference to the drawings and an embodiment, so that the technical idea claimed by the invention can be understood more clearly.
For ease of reading, the following symbol is defined:
s_message: the secret information shared by the reader-writer and the electronic tag. The secret information must be kept strictly confidential, and its length is a natural number greater than 0.
The following three instruction functions are defined:
OneWayFunc(password, s_message): the one-way function (OneWayFunc, One Way Function). The dynamic password (denoted password) undergoes one one-way function operation under the action of the secret information (s_message), generating a new dynamic password. The input and output data lengths of this function are natural numbers greater than 0.
A one-way function is a function that satisfies the following two properties: given an input, computing the result is easy; given a result, recovering the input is infeasible.
WriteData(password, offset, data, len): the data function of the write instruction. password is the dynamic password used by the reader-writer and the electronic tag for this write operation. offset is the start offset of this write operation in the electronic tag; for example, if the data space in the electronic tag is 96 bytes and offset is 10, this write operation writes data of length len starting from the 11th byte of the electronic tag's data space. data is the data to be written, and len is the length of the data to be written.
ReadData(password, offset, len): the data function of the read instruction. password is the dynamic password used by the reader-writer and the electronic tag for this read operation. offset is the start offset of this read operation in the electronic tag; for example, if the data space in the electronic tag is 96 bytes and offset is 10, this read operation reads data of length len starting from the 11th byte of the electronic tag's data space. len is the length of the data to be read.
As shown in Fig. 1, an RFID with dynamic password read-write control based on a one-way function comprises reader-writer A and electronic tag B. Reader-writer A and electronic tag B each have a built-in true random number generator and a dynamic password module based on a one-way function, and both store the same secret information, which can be preset in the dynamic password module. The RFID of this embodiment has three states, POWER OFF, READY and AUTHORIZED, and three operation instructions, AUTHORIZE, WRITE and READ.
The operation instructions allowed in each state of the RFID of this embodiment are as follows:
POWER OFF: unpowered state; electronic tag B accepts neither authentication nor read/write instructions from reader-writer A;
READY: powered state; the electronic tag can only execute the authentication instruction;
AUTHORIZED: authenticated state; the electronic tag can execute read and write instructions.
The flow of each operation instruction is described below:
AUTHORIZE (authentication instruction): reader-writer A sends the authentication instruction to electronic tag B. After reader-writer A and electronic tag B have authenticated each other, the two sides negotiate a random initial value, denoted randomdata, and set the current dynamic password of reader-writer A to password_A = randomdata and the current dynamic password of electronic tag B to password_B = randomdata. At this point the values of password_A and password_B are the value of the initial dynamic password. randomdata is generated by the true random number generator.
WRITE (write data instruction): as shown in Fig. 2, reader-writer A and electronic tag B carry out a write operation in the following steps:
(1) Let the previous round's output of reader-writer A's dynamic password module be password_A (if reader-writer A is carrying out its first write operation, password_A is randomdata). Reader-writer A runs the dynamic password module to generate the new dynamic password password_A' = OneWayFunc(password_A, s_message);
(2) Reader-writer A sends a write instruction to electronic tag B; the data function of the write instruction is WriteData(password_A', offset_W, data, len_W);
(3) Electronic tag B receives the write instruction;
(4) Let the previous round's output of electronic tag B's dynamic password module be password_B (if electronic tag B is carrying out its first write operation, password_B is randomdata). Electronic tag B runs the dynamic password module to generate the new dynamic password password_B' = OneWayFunc(password_B, s_message);
(5) Electronic tag B compares the values of password_A' and password_B'. If password_A' = password_B', it executes the write instruction and returns the success result and data to reader-writer A, where offset_W is the start offset at which electronic tag B executes this write instruction, data is the data that reader-writer A writes to electronic tag B, and len_W is the length of the data that reader-writer A writes to electronic tag B; otherwise it ignores the write instruction, returns the failure result to reader-writer A and returns to the initial operation state.
READ (read data instruction): as shown in Fig. 2, reader-writer A and electronic tag B carry out a read operation in the following steps:
(1) Let the previous round's output of reader-writer A's dynamic password module be password_A (if reader-writer A is carrying out its first read operation, password_A is randomdata). Reader-writer A runs the dynamic password module to generate the new dynamic password password_A' = OneWayFunc(password_A, s_message);
(2) Reader-writer A sends a read instruction to electronic tag B; the data function of the read instruction is ReadData(password_A', offset_R, len_R);
(3) Electronic tag B receives the read instruction;
(4) Let the previous round's output of electronic tag B's dynamic password module be password_B (if electronic tag B is carrying out its first read operation, password_B is randomdata). Electronic tag B runs the dynamic password module to generate the new dynamic password password_B' = OneWayFunc(password_B, s_message);
(5) Electronic tag B compares the values of password_A' and password_B'. If password_A' = password_B', it executes the read instruction and returns the success result and its stored data to reader-writer A, where offset_R is the start offset at which electronic tag B executes this read instruction and len_R is the length of the data that reader-writer A reads from electronic tag B; otherwise it ignores the read instruction, returns the failure result to reader-writer A and returns to the initial operation state.
In the above:
s_message is the secret information of reader-writer A and electronic tag B;
OneWayFunc(password_A, s_message) means that the one-way function module performs one one-way function operation on password_A under the action of s_message;
OneWayFunc(password_B, s_message) means that the one-way function module performs one one-way function operation on password_B under the action of s_message.
The data lengths of randomdata, password_A, password_B, password_A', password_B' and s_message are natural numbers greater than 0.
As the read/write operation flows above show, because the initial dynamic password randomdata is generated by a true random number generator and s_message is secret information kept strictly confidential, the dynamic password generated in each round by the dynamic password module, which is formed from the secret information, the random initial value and the one-way function, is unpredictable, which prevents replay attacks. Whenever the reader-writer performs a read/write operation on the electronic tag, the electronic tag verifies the password_A' data in the instruction data, thereby realizing dynamic password read/write control after the electronic tag's authentication, with high security.
A person skilled in the art can make various other corresponding changes and variations based on the technical solution and concept described above, and all such changes and variations shall fall within the scope of protection of the claims of the invention.
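The AUTHORIZE, WRITE and READ flows described above, as an added Python example that is not part of the patent. The patent names no specific one-way function, so OneWayFunc is instantiated here with HMAC-SHA256 as an assumption; the class names, the 16-byte randomdata, the sample secrets and the rule that the tag commits password_B' only on a match are also assumptions.

```python
import hashlib
import hmac
import secrets


def one_way_func(password: bytes, s_message: bytes) -> bytes:
    # Assumed stand-in for OneWayFunc: HMAC-SHA256 keyed with s_message.
    return hmac.new(s_message, password, hashlib.sha256).digest()


class Tag:
    SIZE = 96  # data space size from the page's offset example

    def __init__(self, s_message: bytes):
        self.s_message = s_message
        self.state = "READY"      # becomes AUTHORIZED after AUTHORIZE
        self.password = b""       # password_B
        self.memory = bytearray(self.SIZE)

    def authorize(self, randomdata: bytes) -> None:
        # Mutual authentication itself is not modelled, only its outcome.
        self.password = randomdata
        self.state = "AUTHORIZED"

    def _accept(self, presented: bytes) -> bool:
        if self.state != "AUTHORIZED":
            return False
        expected = one_way_func(self.password, self.s_message)  # password_B'
        if not hmac.compare_digest(presented, expected):
            return False          # ignore the instruction, keep password_B
        self.password = expected  # assumption: commit only on a match
        return True

    def write_data(self, password, offset, data, length) -> bool:
        if not self._accept(password):
            return False
        if length != len(data) or offset < 0 or offset + length > self.SIZE:
            return False
        self.memory[offset:offset + length] = data
        return True

    def read_data(self, password, offset, length):
        if not self._accept(password):
            return None
        if offset < 0 or length < 0 or offset + length > self.SIZE:
            return None
        return bytes(self.memory[offset:offset + length])


class Reader:
    def __init__(self, s_message: bytes):
        self.s_message = s_message
        self.password = b""       # password_A

    def authorize(self, tag: Tag) -> None:
        randomdata = secrets.token_bytes(16)  # random initial value
        self.password = randomdata
        tag.authorize(randomdata)

    def next_password(self) -> bytes:
        self.password = one_way_func(self.password, self.s_message)
        return self.password      # password_A'


def run_demo() -> dict:
    s_message = b"constructed-shared-secret"  # constructed sample value
    tag, reader = Tag(s_message), Reader(s_message)
    result = {"before_auth": tag.write_data(b"\x00" * 32, 10, b"hi", 2)}
    reader.authorize(tag)
    p1 = reader.next_password()
    result["first_write"] = tag.write_data(p1, 10, b"hello", 5)
    # The same instruction presented again: the tag now expects F(p1).
    result["replayed_write"] = tag.write_data(p1, 10, b"XXXXX", 5)
    # Knowing password_A but not s_message gives a different next password.
    guess = one_way_func(p1, b"constructed-wrong-secret")
    result["wrong_secret_read"] = tag.read_data(guess, 10, 5)
    # Rejected instructions left password_B untouched, so A and B still agree.
    result["read_back"] = tag.read_data(reader.next_password(), 10, 5)
    return result


if __name__ == "__main__":
    print(run_demo())
```

The password in each round depends only on the previous password and s_message, as in the patent's OneWayFunc(password, s_message); offset, data and len are not inputs to it.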
Claims (2)
1. An RFID with dynamic password read-write control based on a one-way function, comprising a reader-writer A and an electronic tag B, characterized in that reader-writer A and electronic tag B each have a built-in true random number generator and a dynamic password module based on a one-way function, and both store the same secret information; if and only if reader-writer A and electronic tag B have authenticated each other can the following steps be carried out: reader-writer A and electronic tag B negotiate a random initial value, denoted randomdata, and set the current dynamic password of reader-writer A to password_A = randomdata and the current dynamic password of electronic tag B to password_B = randomdata; randomdata is generated by the true random number generator; at this point the values of password_A and password_B are the value of the initial dynamic password; read or write operations are then carried out according to the following steps;
Reader-writer A and electronic tag B carry out a write operation:
Let the previous round's output of reader-writer A's dynamic password module be password_A; if reader-writer A is carrying out its first write operation, password_A is randomdata; reader-writer A runs the dynamic password module to generate the new dynamic password password_A' = OneWayFunc(password_A, s_message);
Reader-writer A sends a write instruction to electronic tag B, and the data function of the write instruction is WriteData(password_A', offset_W, data, len_W);
Electronic tag B receives the write instruction;
Let the previous round's output of electronic tag B's dynamic password module be password_B; if electronic tag B is carrying out its first write operation, password_B is randomdata; electronic tag B runs the dynamic password module to generate the new dynamic password password_B' = OneWayFunc(password_B, s_message);
Electronic tag B compares the values of password_A' and password_B'; if password_A' = password_B', it executes the write instruction, where offset_W is the start offset at which electronic tag B executes this write instruction, data is the data that reader-writer A writes to electronic tag B, and len_W is the length of the data that reader-writer A writes to electronic tag B; otherwise it ignores the write instruction;
Reader-writer A and electronic tag B carry out a read operation:
Let the previous round's output of reader-writer A's dynamic password module be password_A; if reader-writer A is carrying out its first read operation, password_A is randomdata; reader-writer A runs the dynamic password module to generate the new dynamic password password_A' = OneWayFunc(password_A, s_message);
Reader-writer A sends a read instruction to electronic tag B, and the data function of the read instruction is ReadData(password_A', offset_R, len_R);
Electronic tag B receives the read instruction;
Let the previous round's output of electronic tag B's dynamic password module be password_B; if electronic tag B is carrying out its first read operation, password_B is randomdata; electronic tag B runs the dynamic password module to generate the new dynamic password password_B' = OneWayFunc(password_B, s_message);
Electronic tag B compares the values of password_A' and password_B'; if password_A' = password_B', it executes the read instruction, where offset_R is the start offset at which electronic tag B executes this read instruction and len_R is the length of the data that reader-writer A reads from electronic tag B; otherwise it ignores the read instruction;
Wherein:
s_message is the secret information of reader-writer A and electronic tag B;
OneWayFunc(password_A, s_message) means that the one-way function module performs one one-way function operation on password_A under the action of s_message;
OneWayFunc(password_B, s_message) means that the one-way function module performs one one-way function operation on password_B under the action of s_message.
2. The RFID with dynamic password read-write control based on a one-way function as claimed in claim 1, characterized in that the data lengths of randomdata, password_A, password_B, password_A', password_B' and s_message are natural numbers greater than 0.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN2012100065168A CN102567760A (en) | 2012-01-10 | 2012-01-10 | One-way function-based dynamic password read-write control RFID (Radio Frequency Identification) |
Publications (1)
Publication Number | Publication Date |
---|---|
CN102567760A true CN102567760A (en) | 2012-07-11 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C12 | Rejection of a patent application after its publication | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20120711 |