CN102684872A - Safety communication method for ultrahigh frequency radio-frequency identification air interface based on symmetrical encryption - Google Patents

Publication number: CN102684872A
Authority: CN (China)
Prior art keywords: tag, reader, authentication, key
Legal status: Granted
Application number: CN2011101551629A
Other languages: Chinese (zh)
Other versions: CN102684872B (en)
Inventors: 张琛, 李建成, 王宏义, 杨青, 李聪
Current Assignee: National University of Defense Technology
Original Assignee: National University of Defense Technology
Application filed by National University of Defense Technology
Priority to CN201110155162.9A
Publication of CN102684872A
Application granted
Publication of CN102684872B

Abstract

The invention discloses a secure communication method for the ultra-high-frequency radio-frequency identification air interface based on symmetric encryption. The method comprises: symmetric-encryption one-way authentication of the reader by the tag of the system; symmetric-encryption one-way authentication of the tag by the reader of the system; symmetric-encryption two-way authentication between the reader and the tag; and secure communication between the reader and the tag of the system. During authentication the reader and the tag first negotiate an authentication key; each party judges the legitimacy of the other party's identity by verifying its ability to encrypt; and a random session key is generated once authentication has ended, which provides a secure channel for confidential communication between the reader and the tag.

Description

Secure communication method for the ultra-high-frequency radio-frequency identification air interface based on symmetric cryptography
Technical field
The invention belongs to the RFID field and relates to a security mechanism for the air interface of radio-frequency identification systems, in particular to a symmetric-cryptography-based security authentication and communication method for the air interface of ultra-high-frequency radio-frequency identification systems.
Background technology
Radio-frequency identification (RFID) is a contactless automatic identification technology. Its basic principle is to use radio-frequency signals and their spatial coupling and transmission characteristics to identify objects automatically. An ultra-high-frequency (UHF) RFID system is an RFID system whose operating frequency is 800~900 MHz. The simplest RFID system comprises an electronic tag (tag for short), a reader and an antenna. The tag stores information about the associated object; the reader communicates with the tag by radio-frequency signals, obtains the identification information stored on the tag, and can write processed information back into the tag.
RFID technology is now widely used in fields such as industrial automation, business automation, and transportation control and management. As RFID technology spreads, the security problems of RFID systems, and of the air interface in particular, have become increasingly prominent and are now one of the key factors restricting the development of RFID applications. Because the radio channel is open, the air interface of an RFID system carries serious security hazards and faces a range of risks and threats, for example eavesdropping, impersonation, replay, tracking, traffic analysis and tampering with information. Security measures suited to the hardware constraints and application requirements of RFID systems are therefore urgently needed.
The communication model of an RFID system consists of three layers, from bottom to top: the physical layer, the communication layer and the application layer. The physical layer mainly deals with electrical signals, channel allocation, the physical carrier and similar matters. The communication layer defines the data exchange and the commands used between reader and tag. The application layer deals with content directly related to the top-level application, including identification, authentication, and the representation and processing logic of application-layer data. The solutions that industry and academia have proposed for the security problems of the RFID air interface fall roughly into two classes: one protects the tag by physical means and sits mainly in the physical and communication layers of the communication model; the other uses security protocols based on cryptographic techniques and sits in the application layer.
Physical methods can solve the security problems of the RFID air interface to some extent, but they lower the utilization of the tag and their security is not ideal. Compared with physical methods, security protocols based on cryptographic techniques are increasingly favoured. They mainly use various authentication and cryptographic means to protect the data exchanged between tag and reader. Because tag resources are limited, many cryptography-based security protocols are designed around a hash function. However, hash-based security protocols commonly suffer from weaknesses such as location leakage, plaintext transmission of ID information and hash collisions, and are not suitable for fields with definite security requirements such as finance, diplomacy and national defence. Using a well-established cryptographic algorithm, such as a symmetric cipher, can fundamentally resist attacks such as eavesdropping, traffic analysis, tampering and tracking, and guarantees security attributes of the data such as confidentiality, integrity, authenticity and availability; this is currently the mainstream of research in this direction.
Summary of the invention
The object of the invention is to address the shortcomings of hash-based security protocols by proposing a symmetric-cryptography-based security mechanism for the air interface of UHF RFID systems that achieves two-way authentication and provides a secure channel for confidential communication between reader and tag.
To solve the above technical problem, the technical scheme adopted by the invention is to provide a symmetric-cryptography-based security authentication method for the ultra-high-frequency radio-frequency identification air interface. The method consists of the following 1), 2), 3) and 4):
1) symmetric-encryption one-way authentication of the reader by the system tag;
2) symmetric-encryption one-way authentication of the tag by the system reader;
3) symmetric-encryption two-way authentication between the reader and the tag;
4) secure communication between the system reader and the tag.
Ultra-high-frequency radio-frequency identification is hereinafter written UHF RFID.
Symmetric-encryption one-way authentication of the reader by the tag in a UHF RFID system: the reader undergoes one-way authentication before it accesses the tag, which helps to implement system-level access control.
Symmetric-encryption one-way authentication of the tag by the reader in a UHF RFID system: the reader first performs one-way authentication of the tag before accessing it, which ensures a reliable direction of data flow and prevents illegitimate tags from maliciously accessing the system.
Symmetric-encryption two-way authentication between the reader and the tag in a UHF RFID system authenticates both the tag and the reader, which guarantees the authenticity of both communicating parties.
Secure communication between the reader and the tag in a UHF RFID system: after the reader and the tag have carried out one-way or two-way authentication, the higher-layer communication content is encrypted with the randomly generated session key, which effectively guarantees the confidentiality, integrity, authenticity and availability of the transmitted data.
The invention provides, for a UHF RFID system, one-way authentication of the reader by the tag, two-way authentication between the reader and the tag, and secure communication between the reader and the tag. It can resist most of the attacks that the RFID air interface faces, including eavesdropping, replay attacks, impersonation attacks, malicious tracking, tampering with information, forward attacks and backward attacks, and it can protect the privacy of the tag holder.
The invention is applicable to passive UHF RFID systems and can meet the data-security and privacy-protection needs of the reader-tag air interface in mid- to high-grade UHF RFID systems.
The security goals of the invention are:
(1) two-way authentication between the tag and the reader is implemented with a standard symmetric encryption algorithm;
(2) the data-bearing information that the tag sends to the reader is different every time;
(3) other information content cannot be inferred from the information that the tag sends to the reader;
(4) the content carried on the tag cannot be learned from the information exchanged between the tag and the reader;
(5) having obtained the information of some tags, an attacker cannot use it to infer the information on other tags.
The invention requires the reader and the tag to have a certain computing and storage capability. The reader has a built-in random number generator and an encryption/decryption circuit. The tag stores the security parameters and the tag key, and has a built-in random number generator and an encryption/decryption circuit.
One, the flow of symmetric-encryption one-way authentication of the reader by the tag is as follows:
(1) The reader sends the security parameter acquisition command Get_SecPara;
(2) The tag sends the security parameters SecPara;
(3) The reader generates a random number N_r according to the security function in the security parameters and sends the authentication request command Req_Auth(N_r);
(4) The tag generates a random number N_t, first uses the key K_t, N_r and N_t to generate the authentication key AK, then generates the challenge C_t, and sends N_t and C_t;
(5) The reader uses the key index in the security parameters to match the tag key K_t, first uses K_t, N_r and N_t to generate the authentication key AK, then generates the session key SK, then encrypts C_t || SK with AK and sends the one-way authentication command Auth(E_AK(C_t || SK));
(6) The tag decrypts E_AK(C_t || SK) with AK to obtain C_t' || SK. If C_t' equals C_t, the tag considers the reader authenticated, the session key is SK, and the tag returns the status State; otherwise the tag considers the reader not authenticated and returns the status State.
Two, the flow of symmetric-encryption one-way authentication of the tag by the reader is as follows:
(1) The reader sends the security parameter acquisition command Get_SecPara;
(2) The tag sends the security parameters SecPara;
(3) The reader generates a random number N_r and a challenge C_r according to the security function in the security parameters and sends the get-authentication command Get_Auth(N_r, C_r);
(4) The tag generates a random number N_t, first uses the key K_t, N_r and N_t to generate the authentication key AK, then generates the session key SK, encrypts C_r || SK with AK to obtain E_AK(C_r || SK), and sends it to the reader;
(5) The reader uses the key index in the security parameters to match the tag key K_t, first uses K_t, N_r and N_t to generate the authentication key AK, then decrypts E_AK(C_r || SK) with AK to obtain C_r' || SK. If C_r' equals C_r, the reader considers the tag authenticated and the session key is SK; otherwise the reader considers the tag not authenticated.
Three, the flow of symmetric-encryption two-way authentication between the reader and the tag is as follows:
(1) The reader sends the security parameter acquisition command Get_SecPara;
(2) The tag sends the security parameters SecPara;
(3) The reader generates a random number N_r according to the security function in the security parameters and sends the authentication request command Req_Auth(N_r);
(4) The tag generates a random number N_t, first uses K_t, N_r and N_t to generate the authentication key AK, then generates the challenge C_t, and sends N_t and C_t;
(5) The reader uses the key index in the security parameters to match the tag key K_t, first uses K_t, N_r and N_t to generate the authentication key AK, then generates the challenge C_r and the session key SK, then encrypts C_r || C_t || SK with AK and sends the two-way authentication command Mul_Auth(E_AK(C_r || C_t || SK));
(6) The tag decrypts E_AK(C_r || C_t || SK) with AK to obtain C_r' || C_t' || SK. If C_t' equals C_t, the tag considers the reader authenticated and the session key is SK; otherwise the tag considers the reader not authenticated. If authentication passes, the tag sends C_r';
(7) The reader compares C_r' with C_r. If they are equal, the reader considers the tag authenticated and the session key is SK; otherwise the reader considers the tag not authenticated.
Four, secure communication between the reader and the tag takes place after authentication is complete. The secure communication flow is as follows:
(1) The reader generates a random number SN_r, encrypts cmd || SN_r with SK, and sends the secure communication command Sec_Com(E_SK(cmd || SN_r));
(2) The tag decrypts E_SK(cmd || SN_r) with SK to obtain cmd || SN_r', executes the command in cmd, and the operation result is result; it then generates a random number SN_t, encrypts result || SN_t with SK to obtain E_SK(result || SN_t), and sends it to the reader;
(3) The reader decrypts with SK to obtain result || SN_t'; the tag's operation result is result.
The commands and symbols used in the above flows are as follows:
Get_SecPara: security parameter acquisition command.
Req_Auth(): authentication request command.
Auth(): one-way authentication command.
Get_Auth(): get-authentication command.
Mul_Auth(): two-way authentication command.
Sec_Com(): secure communication command.
N_r: random number generated by the reader, used to generate the authentication key.
N_t: random number generated by the tag, used to generate the authentication key.
C_r: random number generated by the reader, used as the challenge for authenticating the tag.
C_t: random number generated by the tag, used as the challenge for authenticating the reader.
SN_r: random number generated by the reader, used as the encryption random number.
SN_t: random number generated by the tag, used as the encryption random number.
K_t: the tag key.
AK: the authentication key.
SK: the session key.
SecPara: the security parameters stored in the tag that relate to authentication and encryption.
State: the operation status returned by the tag in response to a command.
cmd: the command frame without the check data field.
result: the response data packet without the check data field.
||: bit concatenation.
E_K(X): the ciphertext of X encrypted with key K.
Description of drawings
Fig. 1 is a flow diagram of the symmetric-encryption one-way authentication of the reader by the tag in the UHF RFID system of the invention;
Fig. 2 is a flow diagram of the symmetric-encryption one-way authentication of the tag by the reader in the UHF RFID system of the invention;
Fig. 3 is a flow diagram of the symmetric-encryption two-way authentication between the reader and the tag in the UHF RFID system of the invention;
Fig. 4 is a flow diagram of the secure communication between the reader and the tag in the UHF RFID system of the invention;
Fig. 5 is a diagram of the security parameter format.
Embodiment
Specific embodiments of the invention are described in detail below with reference to the drawings.
Fig. 1 shows the flow of symmetric-encryption one-way authentication of the reader by the tag in a UHF RFID system. The specific implementation comprises:
(1) The reader sends the security parameter acquisition command Get_SecPara;
The frame format of the security parameter acquisition command is as follows:
[Figure: frame format of the security parameter acquisition command]
Wherein:
Command code: the code of the security parameter acquisition command.
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure. The generator polynomial of the CRC-5 is x^5 + x^3 + 1.
Check: the CRC-16 is computed over the command code and tag handle fields. The generator polynomial of the CRC-16 is x^16 + x^12 + x^5 + 1. If the check contained in a command received by the tag is wrong, the tag does not respond to the command.
(2) The tag sends the security parameters SecPara;
The format of the response data packet of the security parameter acquisition command is as follows:
[Figure: response data packet format of the security parameter acquisition command]
Wherein:
Security parameters: the security parameters in the tag's memory area, including the security mode, security function, response reference time, random number length, encryption algorithm, key length, key index and so on; the format is shown in Fig. 5.
They are defined as follows:
A) Security mode: indicates whether the tag requires security authentication and whether it requires secure communication.
B) Security function: indicates the security functions that the tag supports, including symmetric-encryption one-way authentication of the reader by the tag, symmetric-encryption one-way authentication of the tag by the reader, symmetric-encryption two-way authentication between the reader and the tag, and secure communication between the reader and the tag.
C) Response reference time: indicates the maximum time for which the reader must keep sending a continuous carrier after it has sent a command such as the authentication request command, one-way authentication command, get-authentication command, two-way authentication command or secure communication command.
D) Random number length: indicates the length of the random numbers generated in the authentication flow, in units of words.
E) Encryption algorithm: indicates the symmetric encryption algorithm used.
F) Key length: indicates the key length of the encryption algorithm.
G) Key index: the one-way hash value of the tag key K_t, in units of words. The key index is for the reader's use and serves to match the tag key K_t.
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the security parameters and tag handle fields.
(3) The reader generates a random number N_r according to the security function in the security parameters and sends the authentication request command Req_Auth(N_r);
The frame format of the authentication request command is as follows:
[Figure: frame format of the authentication request command]
Wherein:
Command code: the code of the authentication request command.
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the command code and tag handle fields. If the check contained in a command received by the tag is wrong, the tag does not respond to the command.
(4) The tag generates a random number N_t, first uses the key K_t, N_r and N_t to generate the authentication key AK, then generates the challenge C_t, and sends N_t and C_t;
The format of the response data packet of the authentication request command is as follows:
[Figure: response data packet format of the authentication request command]
Wherein:
Random number: the random number generated by the tag for generating the authentication key, i.e. N_t.
Challenge: the random number generated by the tag for authentication, i.e. C_t.
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the random number, challenge and tag handle fields.
(5) The reader uses the key index in the security parameters to match the tag key K_t, first uses K_t, N_r and N_t to generate the authentication key AK, then generates the session key SK, then encrypts C_t || SK with AK and sends the one-way authentication command Auth(E_AK(C_t || SK));
The frame format of the one-way authentication command is as follows:
[Figure: frame format of the one-way authentication command]
Wherein:
Command code: the code of the one-way authentication command.
Authentication data: the reader's encryption of the challenge and the session key, i.e. E_AK(C_t || SK).
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the command code, authentication data and tag handle fields. If the check contained in a command received by the tag is wrong, the tag does not respond to the command.
(6) The tag decrypts E_AK(C_t || SK) with AK to obtain C_t' || SK. If C_t' equals C_t, the tag considers the reader authenticated, the session key is SK, and the tag returns the status State; otherwise the tag considers the reader not authenticated and returns the status State.
The format of the response data packet of the one-way authentication command is as follows:
[Figure: response data packet format of the one-way authentication command]
Wherein:
Operation status: the status after the tag has responded to the command; its meanings include authentication success and operation failure.
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the operation status and tag handle fields.
Fig. 2 shows the flow of symmetric-encryption one-way authentication of the tag by the reader in a UHF RFID system. The specific implementation comprises:
(1) The reader sends the security parameter acquisition command Get_SecPara;
(2) The tag sends the security parameters SecPara;
(3) The reader generates a random number N_r and a challenge C_r according to the security function in the security parameters and sends the get-authentication command Get_Auth(N_r, C_r);
The frame format of the get-authentication command is as follows:
[Figure: frame format of the get-authentication command]
Wherein:
Command code: the code of the get-authentication command.
Random number: the random number generated by the reader for generating the authentication key, i.e. N_r.
Challenge: the random number generated by the reader for authentication, i.e. C_r.
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the command code, random number, challenge and tag handle fields. If the check contained in a command received by the tag is wrong, the tag does not respond to the command.
(4) The tag generates a random number N_t, first uses the key K_t, N_r and N_t to generate the authentication key AK, then generates the session key SK, encrypts C_r || SK with AK to obtain E_AK(C_r || SK), and sends it to the reader;
The format of the response data packet of the get-authentication command is as follows:
[Figure: response data packet format of the get-authentication command]
Wherein:
Authentication data: the tag's encryption of the challenge and the session key, i.e. E_AK(C_r || SK).
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the authentication data and tag handle fields.
(5) The reader uses the key index in the security parameters to match the tag key K_t, first uses K_t, N_r and N_t to generate the authentication key AK, then decrypts E_AK(C_r || SK) with AK to obtain C_r' || SK. If C_r' equals C_r, the reader considers the tag authenticated and the session key is SK; otherwise the reader considers the tag not authenticated.
Fig. 3 shows the flow of symmetric-encryption two-way authentication between the reader and the tag in a UHF RFID system. The specific implementation comprises:
(1) The reader sends the security parameter acquisition command Get_SecPara;
(2) The tag sends the security parameters SecPara;
(3) The reader generates a random number N_r according to the security function in the security parameters and sends the authentication request command Req_Auth(N_r);
(4) The tag generates a random number N_t, first uses K_t, N_r and N_t to generate the authentication key AK, then generates the challenge C_t, and sends N_t and C_t;
(5) The reader uses the key index in the security parameters to match the tag key K_t, first uses K_t, N_r and N_t to generate the authentication key AK, then generates the challenge C_r and the session key SK, then encrypts C_r || C_t || SK with AK and sends the two-way authentication command Mul_Auth(E_AK(C_r || C_t || SK));
The frame format of the two-way authentication command is as follows:
Wherein:
Command code: the code of the two-way authentication command.
Authentication data: the reader's encryption of the challenges and the session key, i.e. E_AK(C_r || C_t || SK).
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the command code, authentication data and tag handle fields. If the check contained in a command received by the tag is wrong, the tag does not respond to the command.
(6) The tag decrypts E_AK(C_r || C_t || SK) with AK to obtain C_r' || C_t' || SK. If C_t' equals C_t, the tag considers the reader authenticated and the session key is SK; otherwise the tag considers the reader not authenticated. If authentication passes, the tag sends C_r';
The format of the response data packet of the two-way authentication command is as follows:
[Figure: response data packet format of the two-way authentication command]
Wherein:
Challenge: the challenge that the tag decrypted and returns, i.e. C_r'.
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the challenge and tag handle fields.
(7) The reader compares C_r' with C_r. If they are equal, the reader considers the tag authenticated and the session key is SK; otherwise the reader considers the tag not authenticated.
Fig. 4 shows the flow of secure communication between the reader and the tag in a UHF RFID system. The specific implementation comprises:
(1) The reader generates a random number SN_r, encrypts cmd || SN_r with SK, and sends the secure communication command Sec_Com(E_SK(cmd || SN_r));
The frame format of the secure communication command is as follows:
[Figure: frame format of the secure communication command]
Wherein:
Command code: the code of the secure communication command.
Encrypted data: the command data encrypted by the reader.
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the command code, encrypted data and tag handle fields. If the check contained in a command received by the tag is wrong, the tag does not respond to the command.
(2) The tag decrypts E_SK(cmd || SN_r) with SK to obtain cmd || SN_r', executes the command in cmd, and the operation result is result; the tag then generates a random number SN_t, encrypts result || SN_t with SK to obtain E_SK(result || SN_t), and sends it to the reader;
The format of the response data packet of the secure communication command is as follows:
[Figure: response data packet format of the secure communication command]
Wherein:
Encrypted data: the response data encrypted by the tag.
Tag handle: the 11 random numbers and the CRC-5 sent by the tag during the inventory procedure.
Check: the CRC-16 is computed over the encrypted data and tag handle fields.
(3) The reader decrypts with SK to obtain result || SN_t'; the tag's operation result is result.
In the above flows, the tag (reader) generates the authentication key AK from the key K_t and the random numbers N_r and N_t as follows:
First, N_r || N_t is expanded into the initial vector IV according to the cryptographic algorithm that the tag supports;
Then, IV is symmetrically encrypted with the key K_t to obtain the authentication key AK, namely
[Figure: formula for AK, image not reproduced]
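The two-way flow of Fig. 3 and the AK derivation above, simulated end to end as an added Python example that is not code from the patent. The patent names no cipher, so E_K(X) is a SHA-256-based Feistel stand-in; the 8-byte random numbers, 16-byte keys, truncated SHA-256 key index and IV = N_r || N_t are likewise assumptions.

```python
import hashlib
import hmac
import secrets

NONCE_LEN = 8   # assumed byte length of N_r, N_t, C_r, C_t
KEY_LEN = 16    # assumed byte length of K_t, AK, SK


def _round(key, i, half):
    return hashlib.sha256(key + bytes([i]) + half).digest()[:len(half)]


def enc(key, msg):
    """Stand-in for E_K(X): 8-round Feistel over one even-length message."""
    assert len(msg) % 2 == 0 and 2 <= len(msg) <= 64
    h = len(msg) // 2
    left, right = msg[:h], msg[h:]
    for i in range(8):
        f = _round(key, i, right)
        left, right = right, bytes(a ^ b for a, b in zip(left, f))
    return left + right


def dec(key, blob):
    h = len(blob) // 2
    left, right = blob[:h], blob[h:]
    for i in reversed(range(8)):
        f = _round(key, i, left)
        left, right = bytes(a ^ b for a, b in zip(right, f)), left
    return left + right


def derive_ak(k_t, n_r, n_t):
    # AK = E_{K_t}(IV). Assumption: IV is N_r || N_t with no further expansion.
    return enc(k_t, n_r + n_t)


def key_index(k_t):
    # One-way hash of K_t carried in SecPara; truncated SHA-256 is an assumption.
    return hashlib.sha256(k_t).digest()[:4]


class Tag:
    def __init__(self, k_t):
        self.k_t, self.c_t, self.ak, self.sk = k_t, None, None, None

    def sec_para(self):                      # step (2)
        return {"key_index": key_index(self.k_t)}

    def req_auth(self, n_r):                 # step (4): fresh N_t and C_t
        n_t = secrets.token_bytes(NONCE_LEN)
        self.c_t = secrets.token_bytes(NONCE_LEN)
        self.ak = derive_ak(self.k_t, n_r, n_t)
        return n_t, self.c_t

    def mul_auth(self, blob):                # step (6)
        if self.c_t is None or len(blob) != 2 * NONCE_LEN + KEY_LEN:
            return None
        plain = dec(self.ak, blob)
        c_r, c_t, sk = plain[:NONCE_LEN], plain[NONCE_LEN:-KEY_LEN], plain[-KEY_LEN:]
        ok = hmac.compare_digest(c_t, self.c_t)
        self.c_t = self.ak = None            # a challenge is single-use
        if not ok:
            return None                      # reader failed authentication
        self.sk = sk
        return c_r                           # C_r' is returned to the reader


class Reader:
    def __init__(self, keys):
        self.db = {key_index(k): k for k in keys}

    def req_auth(self, sec_para):            # step (3): match K_t, send N_r
        self.k_t = self.db[sec_para["key_index"]]
        self.n_r = secrets.token_bytes(NONCE_LEN)
        return self.n_r

    def mul_auth(self, n_t, c_t):            # step (5)
        ak = derive_ak(self.k_t, self.n_r, n_t)
        self.c_r = secrets.token_bytes(NONCE_LEN)
        self.sk = secrets.token_bytes(KEY_LEN)
        return enc(ak, self.c_r + c_t + self.sk)

    def verify(self, c_r_prime):             # step (7)
        return c_r_prime is not None and hmac.compare_digest(c_r_prime, self.c_r)


def mutual_auth(reader, tag):
    """Run steps (1)-(7); return (tag_accepts, reader_accepts, Mul_Auth blob)."""
    n_r = reader.req_auth(tag.sec_para())
    n_t, c_t = tag.req_auth(n_r)
    blob = reader.mul_auth(n_t, c_t)
    c_r_prime = tag.mul_auth(blob)
    return c_r_prime is not None, reader.verify(c_r_prime), blob


if __name__ == "__main__":
    k = bytes(range(16))  # constructed sample key
    print("(tag_ok, reader_ok):", mutual_auth(Reader([k]), Tag(k))[:2])
```

Because AK depends on the tag's fresh N_t, a Mul_Auth message recorded in one session decrypts to a mismatching C_t' in the next, and a reader or tag holding the wrong K_t fails the challenge comparison in the same way.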

Claims (5)

1. the super high frequency radio frequency based on symmetric cryptography is discerned the air interface safety communicating method, it is characterized in that this method comprises:
1) the symmetric cryptography unilateral authentication of system label and read write line;
2) the system read-write device is to the symmetric cryptography unilateral authentication of label;
3) read write line is to the symmetric cryptography two-way authentication of label;
4) secure communication of system read-write device and label.
2. the super high frequency radio frequency identification air interface safety communicating method based on symmetric cryptography according to claim 1 is characterized in that system label is following to the symmetric cryptography unilateral authentication step of read write line:
1) read write line sends security parameter and obtains order Get_SecPara;
2) label sends security parameter SecPara;
3) read write line produces random number N according to the safety function in the security parameter r, send request authentication order Req_Auth (N r);
4) label produces random number N t, use key K earlier t, N rAnd N tGenerate authenticate key AK, produce challenge word C then t, send N tAnd C t
5) read write line is with the coupling of the key index in security parameter label key K t, use K earlier t, N rAnd N tGenerate authenticate key AK, produce session key SK then, encrypt C with AK again t|| SK, send unilateral authentication order Auth (E AK(C t|| SK)), wherein || the series connection of expression bit, E AKExpression with key K to the X encrypted ciphertext;
6) label is deciphered E with AK AK(C t|| SK) obtain C t' || SK, if C t' and C tEquate that label is thought read write line through authentication, and session key is SK, label return state State; Otherwise label is thought read write line not through authentication, label return state State.
3. The ultrahigh-frequency radio-frequency identification air interface secure communication method based on symmetric encryption according to claim 1, characterized in that the flow of the symmetric-encryption one-way authentication of the label by the system reader-writer is as follows:
1) the reader-writer sends the security parameter acquisition command Get_SecPara;
2) the label sends the security parameters SecPara;
3) the reader-writer generates a random number N_r and a challenge word C_r according to the security function in the security parameters and sends the authentication acquisition command Get_Auth(N_r, C_r);
4) the label generates a random number N_t, first uses the key K_t, N_r and N_t to generate the authentication key AK, then generates a session key SK, encrypts C_r || SK with AK to obtain E_AK(C_r || SK), and sends it to the reader-writer;
5) the reader-writer matches the label key K_t using the key index in the security parameters, first uses K_t, N_r and N_t to generate the authentication key AK, then decrypts E_AK(C_r || SK) with AK to obtain C_r' || SK; if C_r' equals C_r, the reader-writer considers the label authenticated and the session key is SK; otherwise the reader-writer considers the label not authenticated.
4. The ultrahigh-frequency radio-frequency identification air interface secure communication method based on symmetric encryption according to claim 1, characterized in that the flow of the symmetric-encryption two-way authentication between the reader-writer and the label is as follows:
1) the reader-writer sends the security parameter acquisition command Get_SecPara;
2) the label sends the security parameters SecPara;
3) the reader-writer generates a random number N_r according to the security function in the security parameters and sends the authentication request command Req_Auth(N_r);
4) the label generates a random number N_t, first uses K_t, N_r and N_t to generate the authentication key AK, then generates a challenge word C_t, and sends N_t and C_t;
5) the reader-writer matches the label key K_t using the key index in the security parameters, first uses K_t, N_r and N_t to generate the authentication key AK, then generates a challenge word C_r and a session key SK, encrypts C_r || C_t || SK with AK, and sends the two-way authentication command Mul_Auth(E_AK(C_r || C_t || SK));
6) the label decrypts E_AK(C_r || C_t || SK) with AK to obtain C_r' || C_t' || SK; if C_t' equals C_t, the label considers the reader-writer authenticated and the session key is SK; otherwise the label considers the reader-writer not authenticated; if authentication passes, the label sends C_r';
7) the reader-writer compares C_r' with C_r; if they are equal, the reader-writer considers the label authenticated and the session key is SK; otherwise the reader-writer considers the label not authenticated.
5. The ultrahigh-frequency radio-frequency identification air interface secure communication method based on symmetric encryption according to claim 1, characterized in that the steps of the secure communication between the system reader-writer and the label are:
1) the reader-writer generates a random number SN_r, encrypts cmd || SN_r with SK, and sends the secure communication command Sec_Com(E_SK(cmd || SN_r));
2) the label decrypts E_SK(cmd || SN_r) with SK to obtain cmd || SN_r' and executes the command in cmd, the operation result being result; it then generates a random number SN_t, encrypts result || SN_t with SK to obtain E_SK(result || SN_t), and sends it to the reader-writer;
3) the reader-writer decrypts with SK to obtain result || SN_t'; the label's operation result is result.
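The two-way authentication flow of claim 4 with both sides' messages, as an added example that is not part of the patent text. The HMAC-SHA256 key derivation, the cipher `E` (an HMAC counter keystream standing in for the symmetric cipher the claims leave unspecified), the 8-byte nonces and challenges and the 16-byte SK are assumptions; the Get_SecPara/SecPara exchange is reduced to a `key_index` argument.

```python
import hashlib, hmac, secrets

def kdf(k_t, n_r, n_t):
    # Assumed AK derivation from K_t, N_r, N_t (the claims do not fix one).
    return hmac.new(k_t, b"AK" + n_r + n_t, hashlib.sha256).digest()

def E(key, data):
    # Assumed stand-in cipher: XOR with an HMAC-SHA256 counter keystream.
    # Each AK is fresh per run and encrypts exactly one message here.
    ks = b"".join(hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
                  for i in range(-(-len(data) // 32)))
    return bytes(a ^ b for a, b in zip(data, ks))

D = E  # for an XOR keystream, decryption is the same operation

class Tag:
    def __init__(self, k_t):
        self.k_t, self.sk = k_t, None

    def on_req_auth(self, n_r):                       # step 4
        n_t, self.c_t = secrets.token_bytes(8), secrets.token_bytes(8)
        self.ak = kdf(self.k_t, n_r, n_t)
        return n_t, self.c_t                          # sent in the clear

    def on_mul_auth(self, ct):                        # step 6
        pt = D(self.ak, ct)
        c_r, c_t, sk = pt[:8], pt[8:16], pt[16:]
        if len(pt) != 32 or not hmac.compare_digest(c_t, self.c_t):
            return None                               # reader-writer rejected
        self.sk = sk
        return c_r                                    # C_r' echoed back

class Reader:
    def __init__(self, keys):
        self.keys, self.sk = keys, None               # key index -> K_t

    def run(self, tag, key_index):
        n_r = secrets.token_bytes(8)                  # step 3: Req_Auth(N_r)
        n_t, c_t = tag.on_req_auth(n_r)
        ak = kdf(self.keys[key_index], n_r, n_t)      # step 5
        c_r, sk = secrets.token_bytes(8), secrets.token_bytes(16)
        echo = tag.on_mul_auth(E(ak, c_r + c_t + sk)) # Mul_Auth(E_AK(...))
        if echo is None or not hmac.compare_digest(echo, c_r):  # step 7
            return False                              # label not authenticated
        self.sk = sk
        return True
```

A reader-writer that selects the wrong K_t derives a different AK, so the label's decrypted C_t' does not match and neither side accepts SK.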
CN201110155162.9A 2011-06-10 2011-06-10 Safety communication method for ultrahigh frequency radio-frequency identification air interface based on symmetrical encryption Active CN102684872B (en)

Publications (2)

Publication Number Publication Date
CN102684872A 2012-09-19
CN102684872B 2015-01-21

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant